JP2000508101A - Chip card and usage of chip card - Google Patents

Abstract

(57) [Summary] Chip cards that execute transactions. In this transaction, value data representing monetary units of value or other non-monetary rights are transferred between the cardholder and at least one transaction partner (service provider), or the service provider To be presented. The chip card has a storage area for storing data necessary for executing a transaction. The chip card is further provided with means for loading the card with one or more card applications (VAS applications) and with means for permitting the execution of a transaction between the cardholder and one or more service providers.

Description

DETAILED DESCRIPTION OF THE INVENTION         Chip card and usage of chip card       Technical field   The present invention relates to a chip card, a terminal device for using the chip card, and a chip car. And a chip card system.       Conventional technology   Has payment functions such as e-wallet, e-cash, credit function Microprocessor chip cards are already in use. These cards are , ZKA (Zentraler Kreditausschuss, Central Card Committee), VISA (visa) or EMV ( From institutions like Europay Mastercard VISA) It can be used as a payment instrument (substitute for money), subject to conditions according to its characteristics. Has become. The following are representative materials.       −ZKA, “Schnittstellenspezifikation fur die ec-Karte mit chip”, 2 7.10.1995 (Central Card Committee "Interface of electronic cash card with chip" Ace Specification ", October 27, 1995);       −Europay International, “Integrated Circuit Card, Specification for payment Systems, EMV'96 ", V3.0, 30-Jun-1996 ( Europay International "IC Card Specification for Payment System, EMV'96" , V3.0, June 30, 1996); −ISO / IEC 7816-4, “Information technology-Identification cards-Integrat ed circuit (s) with contacts, part4: Interindustry commands for interchang e ”, 01-09-1995 (“ Information technology-identification (ID) card-IC with contacts, Part 4 Replacement Order, "September 1, 1995); −prEN 1546-1, “Identification card systems- Inter-sector electronic p urse, Part1: Definitions, concepts and structures ”, 15.03.1995 (“ ID Card System-Sector Electronic Wallet, Part 1, Definitions, Concepts and Structures ", March 1995 March 15); −prEN 1546-2, “Identification card systems- Inter-sector electronicpur se, Part 2: Securityarchitecture, 03.07.1995 (“ID Card System Sector” Electronic Wallet, Part 2 Security Architecture, "March 15, 1995); −prEN 1546-2, “Identificationcardsystems-Inter-sector electronic p urse, Part3: Dat-aelements and interchanges ", 09.12.1994 ("       ID Card System-Sector Electronic Wallet, Part 3 Data Elements and Exchange " , December 9, 1994);   An overview of the current state of chip cards is provided in the following document.         Technische Merkmale, Normung, Einsatzgebiet 6, ISBN 3-486-23738-1 (Stephan Schutz, Belt Colegraph Technical characteristics, standards and fields of application of Old Cards, Oldenburg Press, Munich / U Gene, 1996, ISBN 3-486-23738-1).   Conventional chip cards are usually only used for a specific purpose, for example, electronic goods. Can only be used as cloth or electronic qualification (identity) certificate . However, the applications applied to these chip cards are generally static. Yes, that is, the application is applied during chip card manufacturing (installation This was not changed during the life of the card.   That is, the conventional chip card is limited in variability and functionality. In particular , Functionality of conventional chip cards is fixed after the manufacturing process, and subsequent changes are not possible Noh.       Disclosure of the invention   Accordingly, it is an object of the present invention to provide a chip card whose functionality can be changed. It is in.   Another object of the present invention is to provide applications and applications that can be executed through a chip card. And the number and type of transactions (transactions) after the chip card manufacturing process. It is an object of the present invention to provide a chip card which can be changed even if it is not. Additional applications Must be able to be loaded onto the chip card. Applied from the chip card Must be able to erase the solution. In addition, individual applications are Defined independently of each other in terms of data processing technology and confidentiality technology, and executed independently of each other It must be.   The chip card uses, for example, data processing technology and security technology according to ISO 7816. The conditions for surgery must be met. However, each individual card of the chip card Applications must be particularly independent of the card platform itself Must.   Still another object of the present invention is to enable a user of a chip card to use the card. The number and types of available applications are determined by the user, ie It is to provide a chip card which can be combined and changed.   Still another object of the present invention is to provide an intra service (ie, an external party). Closed app in the sense that clearing process and service transfer process with Application) and interservices (external relationships with external parties (external partners)) Can be used for both applications that additionally require To provide a smart chip card.   According to one aspect of the invention, one or more card applications are provided on the card. Can be loaded so that the cardholder and / or multiple service Device that can execute transactions with each application. Device is provided.   The card is configured to have new functions by loading the application It is. In other words, the execution of an application that was not possible become able to. The application is defined by the loaded data, Basic functionality of the card that was not present on the card up to that point, for example the operating An application is realized in connection with the switching system. Therefore, the car The application is loaded only by the loaded application. Its functions are extended.   According to one embodiment of the present invention, a data structure (data) is stored on the chip card of the present invention. Database (DF_VAS)) This data structure is itself further divided into substructures and definition data sets. You. Here, the data structure is uniquely identified by a code that identifies the structure, Thus it is independent of the card platform. A so-called a Application, that is, functionality for chip cards, The application is loaded. Therefore, a specific application Special handling of the cardholder and the application by loading the application Transactions can be executed with the service provider. In the data structure The definition dataset contains the type of application loaded into the substructure and And / or retain structure. At least the definition data set, preferably the entire data structure The structure is protected by at least one system key for its modification. , The modification is only possible using that key. Instead of this system key, Other security mechanisms or means are also conceivable. This allows, for example, individuals Data can be protected from modification using an identification number (PIN) or other security measure. You.   With the above structure, various applications can be loaded into the substructure. The card can be erased from this substructure so that the card is Variable for applications that can be executed using Becomes Loading and erasing of the application is performed within the provided substructure. This is done by writing data and keys for the application. System key and data Data structure that enables multi-function (sex) processing by providing a structure identification code Is no longer dependent on the card platform itself, and Independent and independent of the card platform.   Using the card according to the application loaded in the substructure, Transactions that depend on the application are performed by the cardholder and the service provider. Can be executed with Ida.   Preferably, the chip card further includes a transfer storage area, in which the Data to be exchanged by executing the transaction is written, and the data is exchanged from this area. Data is read. To read data from the transfer storage area, the terminal device special Each key has its own key so that each access is confidential and independent of each other. ing.   Substructures and applications on the card should preferably be independent of each other. And each is assigned to a specific provider. These are, so to speak, specific accounts. The provider's proprietary or proprietary data for application execution . Therefore, these are Contains separate information for each application type and service provider. For example , Data indicating specific values (such as bonus points and remaining balance), And information about the service provider. Preferably, however, Contains application specific keys. With these keys, the data in the substructure Access to the can be performed in a type and manner independent of other substructures. Against this Therefore, loading or generating the substructure and the application itself is at least Protected by one higher system key.   Preferably, a transaction between the chip card and the terminal is performed before the transaction is executed. Mutual authentication is performed. For this purpose, application-specific authentication keys and parts A structure specific authentication key is provided.   Next, each VAS application is secured for transaction execution. Data is written into or read from the substructure, or Expanded into (implemented in) the structure via transfer storage. During this writing, Application-specific keys are used. In the case of deployment, the application Existent keys, preferably terminal-specific keys, are also used. Terminal-specific keys For example, using the key generation key provided in the card, Generated from existing data. Thus, the data is written to the transfer storage area. The written data is read by the service provider via the terminal device . Desirably, invalidate the data stored in the transfer storage area (read data). Mark. Services that are not specific to the written application In the case of a service provider, a so-called inter service is executed here. In other words, for a cardholder, at the expense of the holder, Data is exchanged between different service providers.   Another safeguard is a PIN to verify the authority of the transaction procedure. (Personal identification number) or password is further provided.   Because the card is a variable structure, a different number of different applications at different times Can be stored in the card.   The authenticity of the data retrieved from the transfer storage area is preferably a signature Protected using a key, digital key, or at least one key. this A particular advantage of this is that the retrieved data remains in the transfer storage area thereafter. If it is, the card simply marks it as “extracted data” (labeled ). As a result, even after the transaction, Get information about transactions. Therefore, (data) retrieval By the protection of (the data processing was performed only once One time) is also proved.   A further particular advantage is that the data written to the transfer storage area becomes invalid. Includes an expiration date. This allows, for example, It is possible to realize an application capable of arranging marks.   Preferably, a transaction counter (transaction counter) is provided. , Transaction date and value (numerical) data to the corresponding transaction Can be uniquely determined and identified for the application.   According to an advantageous embodiment of the chip card according to the invention, the card has a hierarchical storage. It also has a concept (concept). In this concept, at various levels with various keys, (Data) Protection against modification is obtained. In addition, this concept At the level, it is variable with respect to the application loaded into storage. Toes Each application has its own specific key, and each application has its own Protected and independent. In addition, the entire structure (data) is And protected by the structure identification code (identifier), the card platform itself Independent. Due to the above concept of transfer storage (area), card holders and Data exchange with service providers and between different service providers It becomes possible. Transfer storage device Writing / reading to / from is also key protected. Here, the key is similarly Code-specific, application-specific, but also terminal-specific . Authentication and optional PIN (PIN) before each transaction Personal identification number) or password can further enhance the security of the chip card of the present invention. You.   Claims 21 to 30 describe the use of the chip card according to the invention. Terminal device is defined. The terminal can load and delete applications, Execute transactions, monitor (browse) data, and And other functions associated with each transaction. Card holding The method of executing a transaction between a customer and a service provider is defined in the claims. Defined in paragraphs 31-33. The data loading to the chip card according to the present invention It is defined in claims 34 and 35. All including chip cards and terminal devices The body system is defined in claim 36.   Here, a preferred embodiment of the present invention will be described in detail with reference to the drawings. The drawings are as follows It is.       BRIEF DESCRIPTION OF THE FIGURES   FIG. 1 is a conceptual diagram of a chip card according to the present invention. .   FIG. 2 is a conceptual diagram of an entire system including the components of the present invention.   FIG. 3 shows a data flow of the entire system.   Figure 4 shows possible application classes and transaction models It is a conceptual diagram of operation | movement.   FIG. 5 is a conceptual diagram of a security architecture of a chip card according to the present invention. .   Figure 6 shows a typical implementation class for VAS containers. Data structure.   FIG. 7 shows various implementations of a VAS container according to an embodiment of the present invention. It is Taras.   FIG. 8 is a database (structure) of a VAS container according to an embodiment of the present invention. .   FIG. 9 shows the concept of the database of the implementation class DFPT.   FIG. 10 shows the concept of the database of the implementation class DFAD.       BEST MODE FOR CARRYING OUT THE INVENTION   Before describing the invention in detail, the concepts used in the following description are defined. VAS: Value-added services VAS card: VAS card can participate in value-added services Payment card (such as an electronic wallet) In addition to other applications, such as VAS container. VAS container: The VAS container is for managing VAS applications and for VAS applications. Data structures, access conditions, and keys to enable application functions And (auxiliary) instructions. VAS application: The VAS application contains VAS data. To VAS data Access is controlled by the VAS application. VAS provider is VAS Run one or more VAS applications within the tenor. VAS application Usage is defined by setting (applying), reading and processing VAS data . VAS applications are either intra-service or inter-service In the form of VAS Provider: The VAS provider is responsible for its VAS application. The V The AS application is based on the basic conditions of the system operator It was created with its own load, and then the system operator and terminal It is prepared so that the card holder can use it. VAS applique The option is to be loaded into the VAS container of the VAS card, Will be available after use. Intra service: Intra service is VAS application Is used under the exclusive control of each VAS provider. Intra The service application performs settlement processing with the external party (external partner) or the service. It is a closed application in the sense that there is no service transfer process. VAS app Applications take the form of either intra-services or inter-services. Inter-service: Inter-service application via additional external connections Intra-service application with mutual processing with external parties (external partners) It is. VAS applications are intra-service or inter-service Take one of the forms SO, system operator: System operator is VAS Make VAS systems available to providers and cardholders. Issuer: The issuer is the card issuer and plays VAS cards including VAS containers. Let through. CH, card holder (card holder: card holder): card holder or car Card holder (in this case, a VAS card) The person who uses the card to participate in the event. Card holders are not necessarily It is not necessary to be the original card holder (right holder). Service terminal (terminal): The service terminal is provided to the system operator. Therefore VAS application Installed for The card holder uses his / her own VAS at this service terminal. Manage VAS application on card (Load and monitor VAS application ( Browsing), erasing and forwarding). Dealer terminal (terminal): The dealer terminal has a payment function, Provides VAS functionality. The card holder inserts the VAS card into this terminal device and One pays and at the same time benefits the VAS. AID: (Application Identifier) A unique identifier for the application. The application name is 16 bytes long and can be accessed without knowledge of the data structure of the card. It is also used for selecting applications from the department. This identifier AID is a 5-byte Recording Application Provider Identifier (RID) and optional up to 11 bytes Consists of Application Identifier Registration (PIX). DF: Directory file according to ISO 7816. EF: Elementary file according to ISO 7816. Effective VAS container: A VAS container that can be authenticated to the outside world. KID: (key identifier). The number of the key in the elementary file containing the key. R & R: Rules and regulations (rules and regulations). p: Maximum number of objects of the implementation (implementation) class DF_PT. a: The maximum number of objects of the implementation class DF_AD. nr_DIR: Maximum number of objects: nr_DIR= P + a The number of records in EF_DIR is nr_DIRIt is. nr_EF__TRANSFER: Number of EF_TRANSFER records.   FIG. 1 schematically shows the structure of a chip card according to the present invention. card Master file MF set during the creation (manufacturing) process (optionally provided In addition to the static and invariant data such as the wallet function DF_PURSE, That is, a data structure or database structure DF_VAS is provided on this card. You. This helps to provide additional functionality, the so-called value-added service VAS . The above additional functionality to implement the application-these will be later, ie the card It can be loaded onto the card even after it has been created-so that the card has its own functionality and Flexible and variable with respect to transactions performed by According to the invention The card is provided by a so-called VAS container (DF_VAS) provided on the chip card Variability and flexibility with regard to the function of In addition, the container is stored on a card Application separated from card platform by security technology are doing. This makes the application independent of the card platform And sometimes even transfer to another card It is possible.   The new functionality (value added service VAS) according to the present invention This is realized by the top card. These new functionalities are implemented by VAS container Is done. The VAS container on the microprocessor chip card is a VAS application Form a platform for accepting services. VAS application is special It implements certain additional functionality.   In electronic wallet, payment by card (payment function) and VAS application ( The use of additional functionality is performed by a separate mechanism. However, the card user (Card User) or Card Holder (Card Holder) Looks like a procedure.   The microprocessor chip card can accommodate various independent applications. It is extended by the VAS container that can be used. The container is the application (configuration) ), Erase and transfer functions. These functions are performed by authorized system Available only by system operators. VAS container is a microprocessor Data and confidentiality depend on other system components on the subchip do not do. VAS containers can be completely defined and function on their own. In the container Defines an independent confidentiality architecture (configuration) for VAS applications Application has its own security Function can be used. This confidentiality architecture uses card-specific keys I do. The key is not special to the producer (card creator), It does not depend on the identifying characteristics of the form.   The VAS container also uses a mechanism to generate terminal-specific keys. This mechanism In addition, the VAS container itself proactively verifies the authenticity (certainty) of the terminal device and the terminal device. Data can be verified (checked).   The VAS application is filed in the VAS container. VAS container mechanism Data is made available through the Be done. VAS Conte provides secure data for inter-services between partners Enable and control the exchange. The VAS conte actively performs control operations. Ie , Control the authenticity and uniqueness (one-timeness) of the transfer data value.   VAS Conte, compared to other approaches to multi-application cards, Advantageously, the above concept does not depend on a specific card platform . This allows platform-specific security mechanisms (keys, identification data, Provides a confidentiality architecture that does not depend on personal identification numbers (PINs, signature methods, etc.) Is done.   Another advantage of the VAS Conte concept is that the number of different applications on the card is Must not be strictly governed by restrictions or conditions at the time of card creation or card issuance It is. Loading the actual application onto the card is up to the cardholder. And is limited only by the available storage area of each card. Actually on the card The number of VAS applications that can be loaded depends on the actual use of the card. Mosquito The card user collects the VAS applications individually on the card. Then this The combination of applications may be changed. Multifunctional card by VAS container Becomes possible. During the life of the card, the card functionality is determined by the number of applications Can be combined or used by changing the type. For this reason, Load multiple applications that required a specific card on a single card Can be used. VAS applications can be transferred to other cards. to this VAS applications can extend the life of the card Accompany the card user for the duration of the option.   A microprocessor chip card with additional services is Media that are suitable for buying and selling, and in which case, accessing protected data. I have to. These microprocessor chip cards are used for payment, Unit (equipment) And can also be used as a numerical storage. After issuing the chip card, customer's own request And flexibly set other services in the card in accordance with The card can be used for the control of. Microprocessor chip Actively control the credibility of the associated terminal device and ensure the uniqueness of the transferred data (one time Gender) and credibility.   FIG. 2 shows a system configuration diagram. Here, the system components are shown. The system operator makes the system of the present invention available. Service terminal equipment VAS application can be loaded, erased and transferred in storage (ST) . Other operations include selection, monitoring (browsing), and interpretation of the VAS application.   VAS application providers, so-called VAS providers, are system operators The VAS application according to the basic conditions of the Design. The authenticity of the corresponding terminal program depends on the conclusion of the digital signature. Verification (check).   FIG. 3 shows the flow of data in the system.   The VAS application is operated by the card operator's terminal by the system operator. Made available in the device. VAS application can be used (participated) In order to achieve this, the VAS Must be loaded on the tena (VAS-Container).   The VAS application on the card is used at the dealer terminal (HT), and V AS data is applied (set) or deleted.   In order to realize a microprocessor chip card with VAS functionality, Other applications (eg, payment applications such as electronic wallets) Is further set on the card.   VAS container can apply (set), delete and transfer VAS applications Use the function to These management functions are used only by system operators. And is protected in the card against use by others. VAS container transfers Storage device, which allows data exchange between VAS applications. Manifest.   Two instructions TRANSFER and TAKE are used to control the transfer storage. TR The ANSFER instruction creates an entry in the transfer storage for each application-specific data. To achieve. In addition to this user data, date and time There is an expiration date and identification data. With the TAKE instruction, the object is Is retrieved and marked as retrieved. For individual applications So the object is Marked as still valid or invalid. Transfer data is authenticated by VAS container Have a gender and uniqueness (one-time) test.   VAS application makes application available (preparation, setting) control Use VAS data to do Access to VAS data is a mechanism for this As controlled by the VAS application. The configuration is the same for all VAS containers. Are provided for all applications. VAS provider is in VAS container Activate one or more VAS applications. VAS application Use is defined by the setting (input), reading and processing of VAS data.   The VAS container supports (supports) inter-services. Inter service Access to shared (common) data, forward service requests and different partners Requires a liquidation (payment) of services in between.   Next, services and applications enabled by the chip card according to the present invention will be described. An example will be described.   The following descriptions each relate to implementations and functions in the state of the art. The function is In the future, it will be enabled by one or more VAS applications.   First, the intrater service will be described. Example A: Customer club   Department stores host customer clubs. Customer is a club Become a member and specialize in club qualifications that are not available to non-club members. Service. Now, club members can use club membership cards in the club environment. Proof of qualification (identity). The membership card is created when you join, but it is not transferable, Usually has an expiration date. Perform a specific transaction depending on the membership card I can't do that. In other words, there is no coordination with the customer's transaction volume. Therefore, the membership card Is limited to bonus programs where customer status and transaction value are related Have been. Similar system: wholesaler certificate, senator card, book club Goal: Club membership proved by application in VAS container It must be. Example B: Bonus system   Customers receive bonus rights for each transaction. Bonus rights are cumulative At the time determined by the customer, it can be exchanged for monetary value. Bonus rights are valid for a certain period, It is managed by anonymous or registered name. Bonus rights depend on transaction volume or frequency of use appear. Similar system: Miles & More point status Goal: Point balance is calculated in the application in the VAS container. Must be managed in a different way. Example C: Discount   Customers receive discounts (for volume) according to the plan. Discount for each transaction Allowed for each session. Cards do not maintain transaction history. Each transaction is It is complete on its own. Objective: Discount (request) rights must be managed by the VAS application. Example D: Credentials feature   Depending on the features on the card, third parties may be informed that they are eligible for a particular service. You can prove it. Proof of the certificate at the time of each transaction Must be identified (photo, personal identification number (PIN), biometric Fixed)). The authenticity of the certificate is used as a security feature. Similar systems: Internet access, home banking access, telephone card Goal: Qualification (certification) must be proven in the VAS application. Example E: Unit of value   Value units are purchased and consumed by one or more uses. Each tran One or more units are subtracted for each transaction. Use rights can be transferred and used You can also set conditions. Similar systems: regular tickets, coupons, subscription concert tickets, squas h) 10-point ticket, movie ticket, telephone Goal: This transaction must be streamlined by VAS application No. Example F: Settlement of usage fee (bill to user) Service usage is time, frequency and amount Is registered and settled according to the tariff. The range of services required I can't know before. Similar system: meal coupon, short-term parking ticket Goal: Tariff clearing is done by the VAS application. Required each time The required latest clearing data must be stored in the VAS container. Example G: Memo media (data record; mobile database)   This application allows you to transfer cardholder data to a VAS provider You. This allows you to automate transactions that are still performed manually today. You. No monetary movements occur from this data. Similar system: Filling in lottery tickets, purchase list, receipt, telephone registration Goal: VAS provider retrieves card data and immediately provides corresponding service Must be able to (eg, connect telephones, collect required goods) Collections and lottery tickets electronically) Data is stored on the card for short or long term Can be saved.   The example of the intra service was explained above, but only a few examples of the inter service Will be described.   Inter-services should be used whenever a service involves multiple VAS providers. appear. Inevitably, data leaves one VAS provider domain You. This is currently performed by writing proofs on paper (records on paper) Have been. Example A: Ride fare adjustment   The department store will refund the public transportation fare used by customers to visit the store. The customer Must be presented to the department store. The department store has been refunded On the ticket. In some cases, department stores may reimburse customers for a portion of the amount refunded. You may receive it from transportation. Goal: Refund procedures must be performed electronically. Example B: Ride coupon (voucher, voucher)   Department stores issue return coupons to customers for shopping expenses when they shop. Pay customers. The customer can go to the ticket office to get a coupon ticket or Pay and ask for a ticket. The transportation will settle the coupon with the department store. Objective: VAS application for electronic checkout between department stores and public transport Create a mechanism model with the option. Example C: Customer parking   The department store will refund a portion of the parking fee if the customer uses a specific parking lot. The parking lot is managed by an independent company and receives the borrowed money of each customer from the department store . Goal: VAS application for electronic clearing of department store and parking lot Creation of mechanism model. Example D: Multiple Bonus Program   A common bonus program between a trading group and a service provider Agree. Goal: Each partner can add or subtract bonus points for the common account on the card. The settlement of services between partners is performed in a background system. Example E: Recognition of bonus points between service providers   Each service provider activates its own bonus program, but There is agreement on recognizing other bonus points. In a known example, Regarding the “collection of“ miles ”” between the car rental company and the airline Consent is mentioned. Goal: Support transferring bonus points by card. Each service group Providers first accumulate their bonus points without any intervention. For transfer A safe mechanism must be provided. Example F: Night taxi You can get on (for example, after 10:00 pm). The taxi company has a ride certificate upon settlement You have to prove it. Take a taxi to avoid illegal use Record what you did on the card. Objective: The use, control, and usage fee processing of this service are implemented using VAS applications. Must be done.   Next, the configuration of the chip card according to the present invention will be described in detail.   Microprocessor chip cards with VAS functionality, in particular, have VAS containers. are doing.   The VAS container is a stand-alone application, the underlying card platform Present alone or with other applications on a form. VAS Conte Na is completely self-defined and can function alone. The container is usually on the same card Operable without some payment features. In particular, VAS containers have independent confidentiality VAS applications have their own confidentiality due to defined architecture Function can be used.   Value-added services include transactions from customers at VAS provider terminals. Action is also included. VAS providers provide system monitoring (browsing) and statistical data. These transactions are tracked (monitored) for purposes such as collection. card Application-specific identification to optimize and unify data structures in the application Refrain from using these numbers, and use a unique VAS container identification number (VAS container ID) is recommended. This number is used by the VAS Ida can be used. This number allows providers to manage their own numbering system The burden of doing so is eliminated.   VAS container confidentiality architecture derives (generates) card-specific keys To do this, a unique identification number (ID) is used throughout this system. The card features It is possible in principle to use the existing numbers, but it is better not to use them. This is inconsistent when VAS containers are installed on different platforms This is because there is a case where a number system is used.   The VAS container ID is issued by the system operator and creates the VAS container. Sometimes entered by the card issuer. This ID is used to delete the VAS container. Thus, it becomes invalid and is thereby removed from the system. VAS container is VAS app When the VAS container ID is removed and the VAS container ID is removed, The antenna is considered erased.   When transferring a VAS container from an old card to a new card, the VAS The antenna ID is also sent with the VAS application. This transfer uses the old VAS container. Transfer from a new card to a new card. After this procedure, the old There is no longer a VAS container in the code. The VAS container on the new card is above This is overwritten and erased by this process. VAS container ID is from old card to new card In the VAS provider background system, the reference number No conversion is required.   An individual VAS application may have two copies only under the control of each VAS provider. It can be transferred between different VAS containers. With this function, VAS container ID and VAS The (assignment) relationship with the application changes, which may be VAS Must be recorded in the provider's background system.   VAS containers do not have information on personal characteristics. VAS applications are Data, but its scope depends on data protection aspects and storage Can be minimized from the viewpoint of effective use of necessary If it is, the VAS application is a background system for personal data. And use the VAS container ID to set (establish) the relationship with the card. You.   An essential feature of VAS containers is that they support interservices. Inter-services include access to shared (common) data, transfer of service requests, And require liquidation of services between different partners. The VAS container Enables and yet secures applications in intra services Sex must be guaranteed.   So-called intra-service VAS applications are exclusive to VAS providers An application that is operated under control. VAS providers are applications Define the security of the application without external dependencies. External unless key is passed elsewhere Others cannot change VAS data.   In order to execute inter-services efficiently, partners must use shared (common) data. Access to the data. Shared data access is tiered and confidential This is realized through a holding mechanism.   The first stage (step, level) of shared access is through the public transfer area only. Done. VAS providers can exchange data through this area, but they cannot access each other. You do not need to know the application and key. To write data to the transfer area The terminal must use the appropriate key for the There is no. Anyone can read data without restriction. VAS providers and par For bidirectional data exchange with Tona, both use write keys (obtain) It is possible if possible. The transferred data is based on the VAS provider's intra-service VAS Applications can be created, and vice versa They can also incorporate data into their own intra-service VAS applications. Wear.   The second step is to invalidate (cancel) the value unit expressed in the form of VAS data It is to be. The VAS provider uses a special key for writing to convert the value unit to VAS data. Data. The unit of value is the campaign obtained from the controlling VAS provider. Consumed by interservice partners who can use cell keys It is. At this stage, partners with mutually different rights will be able to use private VAS data To access.   The third stage is the VAS data from all relevant interservice partners Direct write access to Since VAS data can be changed without restrictions, This method requires a corresponding trust between partners.   The transfer area is the function of the connection (connecting link) between VAS applications. To The data in this transfer area is stored by the VAS application in the VAS container. Generated. Do not allow the creator to run his own VAS application in the VAS container If so, the data may be placed directly in the transfer area.   The transfer area can basically be used by all applications, Only the application that has that right (key) is allowed. Rules Only the receiving side (application) who has the right in terms of rules and regulations (R & R) Can retrieve data from the transfer area. The receiving side receives the transfer data sent to itself. It checks whether it exists and retrieves the data for processing in its own application.   Prevents transferred data from being tampered with (falsified) in public (data) exchanges Data creators introduce credibility features (information), and VAS containers No. is introduced. These elements ensure the uniqueness of the transfer information and the data Source proven.   If necessary, the data creator performs a credibility check on the recipient of the transferred data. Set the possibility (means) of execution. If the receiving party does not want this, Payments are still based on loyalty and trust. In some cases, credibility feature information Is a data generation VAS probe It is only checked during settlement in Ida's background system.   Data can be extracted only once from the transfer area while maintaining the authenticity feature information. it can. Upon retrieval, the data is marked and placed in the transfer area (as a copy). ) Will be left. As a result, even after the data is retrieved, the data is not We can prove transfer procedure.   The data in the transfer area includes an expiration date. This can be used for any application Can be overridden by the The data in the transfer area is marked when retrieved. Can be used immediately for overwriting. Within the expiration date of the transfer dataset When the transfer storage area becomes full, the service terminal The owner must delete entries that are no longer needed.   Three operations are defined for creating a model of a VAS application. these The operation operates on VAS data. Loading and erasing applications is done by VAS It is a tena function and is not considered in the following paragraphs. Acquisition: Acquisition of qualifications for requesting services and VAS data for VAS applications. Proof in the data. Cancel: Generally, without consumption of application VAS data (invalidation) , Or all of the VAS data To perform the request, or to consume part of it. Electronic receipt by this procedure Is created, which is placed in the transfer area. The receipt contains an important expiration date, The date when the data can be deleted from the transfer area is described. Retrieval: Generally, for later processing (in a background system (moving) system) To retrieve the electronic receipt from the transfer area. A copy of the receipt is left, Proof.   “Acquisition” of VAS data is performed only by each VAS provider. VAS data “Cancel” is only by the VAS provider that generated the data in “Acquisition” Or to an Inter-Service Partner authorized by the VAS Provider So only done. "Retrieve" can be performed by any VAS provider. For interservices without access to VAS data with equivalent rights, partners Activates the state transfer "retrieval". The resulting receipt is then Clearing via system operator and VAS provider background system Is done. "Acquire" and "Cancel" can be performed in a single step.   VAS applications with common features are further classified. These Lass is the data in the VAS container. Form the basis of the data structure. The VAS provider is responsible for implementing the application Select an application class.   In this regard, the following application class is defined. ・ Score (storage area) database ·ticket ・ Certificate (identity, identification) certificate ・ Certificate ・ Database   The point database indicates the application class for which point accounts are managed . A point value is added (credit) or subtracted (withdrawn) to this point account. The addition is made by the VAS provider by writing the new account balance into the database. Will be The subtraction is performed by a “cancel” action, and an electronic receipt is used as evidence. It is written to the transmission area (storage area). Access to these features is available in two different It is performed using Xesky.   Tickets are canceled one or more times and are consumed accordingly Indicates the application class that contains the region. Addition of numerical values on tickets (credit G) is performed only once.   The qualification (identity, identification) certificate must be recognized by VAS data. Shows the application class containing the proof of permission. Usually this proof is It is not revoked, but may be subject to defined criteria, e.g. And is invalidated by The authenticity of the ID card, as defined by the application The presentation of the gender (eg, resident parking certificate) or identification is documented. (example For example, a shared taxi on a monthly ticket: Creating an electronic receipt using a card. This territory Tax receipts are submitted by the taxi company to public transport and settled accordingly. ) Optionally, the use of the certificate may be electronically stored in the transfer storage on the card. Documented by receipt.   Certificates are applications that temporarily store service requests (usually short-term) on a card. Indicates the application class. This electronic certificate is stored in the transfer storage area of the VAS container. Only saved. Usually, the application that uses the certificate is the application that creates the certificate Application. Certificates can only be retrieved from the transfer storage once Documented by Background authenticity features created by VAS containers May be used for liquidation in a round system.   A database is an application that stores data in a VAS container by a VAS provider. Class. The class provides additional services to the customer (eg, Millie Restaurant's last menu, last lottery number, service preferences, offer Draft list). Data is for reference only (for informational purposes) and is a VAS provider Does not represent a service request to Access to this data is provided by the VAS provider. Controlled.   Each application class is characterized by a typical use cycle. In the following table , The application period of the above three types of operations for application class VAS data (Note, “Acquisition” is not “Load Application.” Is not "application erase").                         Table 1 Use cycle ^*** Right in application class "database" There is no profit, the application just enters the data.   FIG. 4 shows a transaction model of the above application class and operation. Indicated by   Next, the security architecture of the chip card according to the present invention will be described in detail. You. The following keys are defined to ensure confidentiality:                           Table 2 List of keys   The confidentiality architecture is the life support for VAS containers and VAS applications. It is based on a cycle and has a hierarchical structure according to the responsibilities of the related instances. That Fig. 5 shows a conceptual diagram.   Next, the structure of the VAS container and the applications installed in it are explained. I will tell.   VAS container and auxiliary instructions for VAS are issued by the publisher along with other non-VAS applications. Authorized provider set on the card or at the latest at the service terminal Will be integrated into the current card platform.   As a second possibility, the following mechanism can be used. System operators and publishers Interim key K between_SO ^*Decide. Issuer opens card with key known only to himself Created a file for the VAS container, ー K_SO ^*Into (this file) DF_VAS. This allows the system operator Later (for example, when this card is first used in a service terminal) ー K_SO ^*Your own key K that only you know_SOCan be replaced with this And the system operator has other data such as KGK_DECYou can enter your own Or, for platforms with dynamic management, for VAS applications You can create and delete files yourself. Therefore, the issuer must After using the VAS container, the VAS container is no longer accessed and only the system operator Access to the AS container is guaranteed. Share with other applications ( Common) Since there is no database or data exchange, VAS container confidentiality architect The capture is independent of other applications residing on the card platform.   In a special embodiment of the invention, however, the first possibility must be used . Issuer issues VAS container with all keys according to system operator's instructions. Must be installed on the card.   The VAS container has a predetermined file structure, predetermined access conditions (AC), and several groups. Includes global data. In particular, global data is stored in VAS application rows. Key K used for key and erase_SOincluding. Only this system operator knows VA authorized by key Only S applications can be loaded. For this, the card is key K_SOThrough Request external authentication by the system operator.   Cardholder loads VAS application on service terminal If necessary, the VAS provider in charge will execute this process instead. Ask the system operator. A place for loading a VAS application into a VAS container VAS provider provides system operator with key K_LVASPAnd K_RVASPPass the operation The operator enters these keys into the application. Key K_LVASPBy VA The S provider protects application data from write access and furthermore Protect internal data from read access. For this purpose, the card is VA S Provider Key K_LVASPRequire external authentication based on That is, the card Actively check the authenticity of the terminal device. If this function is successful, the VAS application Application write access and application internal VAS data read Access is granted to this terminal. Internal authentication, ie dealer terminal equipment Inspection of VAS applications (and therefore cards) for authenticity by Option. When using the VAS application by the cardholder , Writing of these internal VAS data to the application and application Inside Change is key K_LVASPIt is possible from any terminal device that can use. Therefore, " Acquisition ”function is key K_LVASPUPDATE RECORD command, subject to external authentication by Is supported.   VAS application read access to non-internal data is key K_RVASPMa Or K_SOOr by properly entering a personal identification number (PIN) or password Only when external authentication has already been performed by the system operator. Is done. Access protected by a personal identification number or password must be provided by the cardholder. The terminal or wallet (wallet) is provided so that data can be referenced. You. The card holder of the service terminal device can check the value data or status data. PIN or password protection for reading is applied to all applications simultaneously. Whether to activate (execute) or deactivate (non-execute) the select.   Global data in the VAS container is signed with the data extracted from the transfer area Key K_{SIG_VASC}Is supported. Transactions between interservice partners Application data must be transferred under clear-cut protection for clearing In this case, the integrity of the transaction (no deception) I can prove it. Filled out by the interservice partner In addition to the signature of the option Data set, K_{SIG_VAsc}And a transaction cow managed by a VAS container And a signature based on the counter is added. Everyone is allowed to read the transfer area, , K_{SIG_VASC}Card signatures can only be generated by calling the "eject operation" (This is only possible once), so the unacceptable double A clearing process is detected. Each inter-service partner shall confirm the certificate of the retrieved certificate. Have the system operator confirm the authenticity and the one-timeness (uniqueness) of (processing) Can be. In addition, the system operator can verify the signature and use the VAS container Can prove the authenticity of   Card if the card platform supports asymmetric key procedures K personal (secret) key in_{SIG_VASC}Can be used for signing, or A key can be generated from a personal key generation key. In this case, the VAS provider Will sign its public (non-secret) key without consulting the system operator. Can be used for inspection.   Global key generation key KGK is used for VAS container data_DECIs included as part of I will. This key is used for all terminals of all VAS providers. Access key K for checking operation authority_DEGGenerate in (Key generation and inspection will be further described below). Cash value data Different confidentiality standards than when loading or acquiring rights. It is. Here, a global key is used instead of an application-specific key. It is sufficient if used. This global key is first converted to an application key , And then converted to a terminal key. The VAS provider has to generate their own terminal keys. Only the application-specific keys derived from the global key Be informed. Next, this will be briefly described.   Total message authentication code for DES key k with certain messages d and DES The operation is indicated by mac (k, d). If the information is 8 bytes or less, this expression is encoded (key (Ie, ICV = 0). This is followed by a parity The calculation of mac (k, d) to which the cut is applied is denoted by macp (k, d). As a result, k '= macp (k, d) Is a valid DES key.   Thus, the calculation of the application-specific terminal key is as follows.       1． Each card has one key             KGK_DEC Is stored. This key is the same for all cards, and the system operator's secret ( Matters). The system operator personalizes this key in the card To be done.   From this key, all other VAS application keys and terminal keys can be derived. You. 2． VAS provider AIDs VAS application A_A= RID_VASPIX_AIntroduce with And Here, the system operator is the key KGK_DECAnd applications from PIX Calculate a unique key,   KGK_{DEC, PIX}= macp (KGK_DEC,PIX_A) Give this key to your VAS provider. 3． The VAS provider does not apply the TRANSFER instruction to VAS application A. KGK for all terminals that have to be_{DEC, PIX}From each terminal identifier (Terminal ID) to generate a unique key for each.   KGK_DEC= macp (KGK_{DEC, PIX}, Terminal ID)         = macp (macp (KGK_DEC, PIX_A), Terminal ID)   The VAS provider stores these keys on its terminal. VAS provider own If the terminal device is not operated by itself, the VAS provider generates a key and To the operator of the equipment. Four. For VAS cards, when the TRANSFER instruction contains a cipher C created at the terminal Only this instruction Execute The encryption C is formed in the transfer area using the specific data data of the message. You. The card itself is KGK_DECKnows the user data and encryption from the terminal device In addition to C, it receives a Terminal ID and PIX (or the card itself Know IX. In this regard, see the section on the transfer instruction TRANSFER. This This allows the card to calculate the cipher C 'itself using the user data. mac (macp (macp (KGK_DEC, PIX), TerminalID), data) = mac (macp (KGK_{DEC, PIX}, TerminalID), data) = mac (K_DEC, data) = C '   Here, the card compares the cipher C 'calculated by itself with the cipher C calculated by the terminal device. You. If they differ, an error occurrence report is issued and the transaction ends. one If they match, the VAS card executes the transfer command TRANSFER.   Various confidentiality standards include service terminal equipment, dealer terminal equipment (for loading and And acquisition) and single-function dealer terminal (for cancellation) Is what you do. To perform a “cancel” operation, the terminal device must On the other hand, key K_DECKnowledge of You have to authenticate yourself. Key K_DECIf the matches, the intruder (terminal The user can perform the functions of this single terminal only. However, this procedure is It is recorded as a document in the code. Document is a unique sequence number, canceled And a terminal identifier. VAS applications regulate access to VAS data. Use the VAS container's confidentiality service. Realization of VAS-specific functions The row is sent to the authorized partner (party) by the definition of the access right. Limited.   Generally, for each VAS application, a publicly accessible data area ( For example, an area for reading numerical values from a wallet) and corresponding (responsible Sure) there must be a private (private) data area for the VAS provider No. The provider may provide this private area (eg, internal management information) to third parties Protect.   A card is an individual record of an elementary file (EF) according to ISO 7816-4. Does not provide different access protection for To display different locations of a file, you can use a number of files, each containing one record. Must be used.   Therefore, as shown in Fig. 6, VAS data is stored in four elementary files. By classifying Application Class "Point storage (database)", "Ticket", "Certificate" Different access protection for "certificate" and "data memory (database)" Can be realized.   The four elementary files contain the following content and are protected by the following: You.                       Table 3 Outline of file   This structure of the elementary file (EF) is compatible with all application classes. To support the same and distinct access rights.   By the way, similar application classes are put together and one imme This implementation class is assembled into a presentation (implementation) class. Determines the number and size of elementary files. For this reason, application Since various areas are required for each application, use a smaller storage area. Can be. Application class "point storage" and "ticket" are the same resource Requires KF_KEY, EF_INFO, EF_INTERNAL and EF_VALUE. It is organized into the annotation class “DF PT”. Application Class "Qualification Elementary files EF_KEY and EF_INFO for "certificate" and "data memory" Suffices, so it is summarized in the implementation class "DF_AD". Quantity In p, there are p objects of the implementation class DF_PT and The number of objects of the mentation class DF_AD is a, and application Class "point memory" and "ticket" and application class "qualification" Certificate and data memory can be loaded.   In particular, for all VAS participants to exchange shared data The application class "Certificate, which must include public read access The implementation class "transfer area" is used. Writing Access is correct K_DECOnly indirectly using the TRANSFER instruction which needs to be signed It is possible. This implementation class is a global From only one entry in the elementary file EF_TRANSFER belonging to the data Become. Objects of this class are records in the file. these The implementation class is also called "EF TRANSFER".   Within the VAS Conte there is an implementation class shown in FIG. these The implementation class of forms the memory model of the VAS container.   There are two methods for creating a memory model. Which one to take depends on the platform of the card Form. − Fixed partition of storage area for VAS container   For the implementation classes DF_PT and DF_AD, the maximum object size for each The number of objects p and a are determined by the issuer, and the issuer uses the CREATE FILE instruction. And loaded on the card. DF_PT these objects_iAnd DF_AD_iIndicated by rear In addition, a VAS application is a free object, that is, another VAS application. Objects not occupied by the application Can be loaded on the Here, UPDATE RE is used to load and delete the VAS application. Only the CORD instruction is required.   That is, the publisher can use both implementation classes as needed. Determine the number of objects. This is the actual VAS user profile of the cardholder. It does not always match the turn (how VAS is used). Classification is the term of use of the card Will be kept through. VAS applications should have appropriate implementation Loaded into an object that is a class. Then, the implementation class DF_AD If none of the objects can be used (no longer), for example, credentials Object of the implementation class DF_PT Can be loaded into the event. Assign VAS application to objects Apply the triplet (VAS application) to the global file EF_DIR of the VAS container. Application PIX, load object FID, application clear text Name). Is application removal EF_DIR? Corresponding to removing the triplet from the application The memory by reading the data (by the UPDATE RECORD instruction) (destructive) Read).   This variation also eliminates the dynamic generation of DF / EF structures. Used on card platforms that do not support leaving. -Dynamic configuration of implementation class objects   For each VAS application to be loaded, the underlying imp The files needed for the creation class are set by the CREATE FILE instruction. . When erasing the VAS application, the DF / E occupied by this application F is completely removed from the card, freeing up memory space. Implementer The maximum number of objects in an application class is not explicitly determined here by the publisher , Depends only on the available memory space in the card.   The above variations are based on dynamic database by card operating system. Need resource management.   The following embodiment is based on the first variation. This is the second burr Due to high demands on the card platform used. . However, dynamic database management is available and dynamic setting of objects Saves memory when it is guaranteed to be advantageous in terms of management costs Can incorporate this initiative and provide flexible services to cardholders. Can be provided.   Next, the VAS container and functionality of the VAS customer card, Shows data structures and instructions that are implemented in comparison to other system components. further, In the case of a typical commerce showing each interaction between a VAS container and a terminal On the other hand, the VAS operation is determined. It is performed under the following initial conditions.       ・ In the dealer terminal device, each card is independent of the platform , The same data interface and the same command interface can be used. Therefore, the required instructions are clearly stated in the coding (of the card).       -The service terminal device can recognize the card platform. Therefore, the machine Performance is obtained by platform specific instructions. Therefore, this procedure Is partially informally described. How this feature is provided Is left to the card manufacturer.   In this regard, the various implementation classes of the VAS container are diagrammatically described. It is shown in FIG. Fig. 8 shows the data structure of the implementation class of the VAS container. Fig. 9 shows the data of the implementation class DF_PT. Fig. 10 schematically shows the structure. Fig. 10 shows the data structure of the implementation class DF_AD. It is something.   VAS container file access is the following access Explicitly limited by conditions (AC).                         Table 4 Access conditions The file access conditions are as follows.     ALW (Always) = File access of this instruction is always allowed     NEV (Never) = File access of this command is always prohibited      ・ K_SO= Key K before access_SOExternal authentication of the system operator using There must be      ・ K_LVASP= Key K before access_LVASPExternal authentication of VAS provider using Must      ・ K_RVASP= Before the access, the terminal device approved by the VAS provider is key K_RVASP Must be externally authenticated using       ・ PIN = The correct PIN is possessed before access Input to the card in plain text not encrypted using the VERIFY command. Must be sent       ・ PIN or K_RVASPOr K_SO= Before access, correct PIN is given to cardholder Must be entered, or K_RVASPBy VAS provider using Or K_SOMust be externally authenticated by the system operator using Must.   The thing to note here is that they are connected by "or" as described above (Or-linking ) Access rights are not normally provided by the card operating system . In such cases, special implementation costs are required. (Substitutability: explicitly Special READ instruction with fixed security attributes).   The data fields in the record of the elementary file are separated according to the following format. Classified as: ASCII, binary, BCD, data, format string.   Data element type "format string" packed VAS data Expressed in format. This expression form can be displayed to the card holder in the terminal device.   For optimal data storage use, plaintext and binary data are combined and formatted. It can be displayed by a mat macro.   All elementary files (EFs) in the VAS container are in accordance with ISO 7816-4 Converted to a linear format as a fixed-length record EF file (linear fixed-length record File).   DF_VAS elementary file EF_ID is one record including VAS container ID Consists of   DF_VAS elementary file EF DIR is nr_DIRConsists of records. VAS container For each VAS application loaded in the EF_DIR, the corresponding Proprietary ID extension (PIX) of the application and the physics of the application The storage area (the FID of DF_X where the application was loaded) is set. PIX is an example For example, as an identifier, the application and the server to which the application is assigned Identify the service provider.   The entry in EF_DIR is dynamically set by the service terminal of the system operator Is done. An empty TLV object "61" is set for a record with no entry .   When loading a VAS application, a suitable implementation The empty storage area of the glass is searched first, and specific VAS data is written to the area. Finally, a new record is created in EF_DIR.   When erasing the application, An empty TLV object must be written in EF_DIR.   The elementary file EF VERSION of DF_VAS indicates the version number of the VAS container. Includes one record.   The version number is based on the VAS container variations (modifications). And / or used on the terminal to distinguish between different software versions. Can be used.   The DF_VAS elementary file EF_SEQ contains the number of the next transfer field entry. Includes one record.   The serial number is read by the auxiliary command TRANSFER. This instruction is then transferred In the field EF_TRANSFER, in particular, the record for transferring the serial number from EF_SEQ Make it. The sequence number, together with the instruction TAKE, each record is once from the transfer field Guarantee that it will be removed. TAKE further reports that this is a serial number Record with signature using. This means that the (original) certificate (voucher) It is guaranteed that the receipt has been retrieved only once.   Next, the transfer area will be described in detail.   The transfer area is set inside the VAS container and n_{EF_TRANSFER}Contains records. this The entry of the record of the file includes the transfer data generated by the TRANSFER instruction. Data exchange between VAS applications via transfer area The VAS data of the class “certificate (voucher)” is stored.   The transfer area can be read without restriction, but write access is a command unique to VAS. This is only possible with the commands TRANSFER and TAKE.   Loading of the data in the data field by the TRANSFER instruction It is done according to the "use" algorithm. The oldest data in the file is the record Can be detected by searching for the minimum value within the first two bytes of.   The data field may be "fetched" and / or "taken" by the TAKE instruction. Moved "can be marked in the transfer area. In either case, the data in the transfer area Data deletion is performed by overwriting new data.   Each record in the transfer area includes, for example, expiration date, terminal ID, PIX, serial number, other Including optional data.   List DF_X (X = PT₁, .., PT_p, AD₁, ..., AD_a) Each elementary file EF_IN FO is one record consisting of expiration date and general VAS data of VAS application including. Here, for example, ticket type (regular ticket or coupon ticket) or boarding place Can be mentioned. However, EF_INFO has at least one application Must include the plaintext name of This plain text name is "VAS It can be read for "monitoring (viewing)" operation of the application. VAS providers must protect sensitive data with appropriate foreign key algorithms No.   External authentication is K_SOOr K_RVASPOr PIN protection is required by the cardholder. This EF can be read when the correct PIN is entered in the active state .   List DF_X (X = PT₁, .., PT_p, AD₁, ..., AD_a) Each elementary file EF_IN TERNAL is used by the VAS application via the VAS application loaded in the file. It consists of one record that can contain the internal VAS data of the data. Other card holders No VAS provider can read this internal data.   List DF_X (X = PT₁, .., PT_p, AD₁, ..., AD_a) Each elementary file EF_VA in The LUE consists of a record that can contain an integer field of VAS data. Outside Department authentication is K_SOOr K_RVASPOr PIN protection is activated by the cardholder. Enter the correct pIN or the correct password in the active state When this is done, this EF can be read.   The key fields following these are set by the VAS container or VAS application. Can be used. The following description assumes complete DES coding. Ie , All keys in the VAS container are DES keys, 8 bytes (Including parity bits).   KID (Key Identifier, Key Identifier) in VAS container and VAS application ifier), the following keys can be referenced.                       Table 5 VAS container key  Each key is tied to an error count. This counter indicates authentication failures for these Register with the key, and when the limit entered in the counter is reached, use after that Ban.   Within the VAS application, the following keys can be referenced using their KIDs.                 Table 6 VAS application key   Each key is linked to an error counter. This counter indicates authentication failures Register with the key of, and use after that when the limit entered in the counter is reached Ban.   The VAS container stores a personal identification number or password (PIN). This is VERIFY Used by order to identify the cardholder. PIN is connected to the error counter You. This counter registers erroneous input and inhibits the comparison of pIN when the limit is reached. Stop. This disabled state is reset by the system operator using appropriate management commands. it can. The counter is reset by entering the correct PIN.   There are the following parameters for the VAS container. These are the card platforms By the card issuer according to the available space on the team and the personal requirements of the issuer Can be selected.       ・ Maximum of p implementation class DF_PT Number of objects             = Application class "dot" that can be simultaneously loaded into the VAS container Maximum number of VAS applications for "number memory" and "ticket"               A maximum number of objects of the implementation class DF AD number             = Application class that can be simultaneously loaded into the VAS container Maximum number of VAS applications for "certificate certificate" and "data memory"       ・ Nr_DIR  Maximum integer of object: nr_DIR= P + a Record in EF_DIR Number is nr_DIRIs       ・ Nr_{EF_TRANSFER}  Number of records in ET_TRANSFER   The storage area required for the size of the elementary file is as follows.                                                 Number of bytes   VAS container EF ID 4   Global Day EF_DIR 9 * (p + a)   TA EF VERSION 1                          EF_SEQ 2                          Global key 64 + 2                          , PIN   Transfer field ER_TRANSFER 48 + nr_{ER_TRANSFER}   VAS provider EF_KEY (p + a) * 32   Exclusive data of EF_INFO (p + a) * 62                          EF_INTERNAL p * 10                          EF_VALUE p * 3   Parameters p, a and nr_{EF_TRANSFER}For example, if you select On the other hand, the following storage area is required (excluding auxiliary instruction storage area) ). Parameter Required area p = 8, a = 3, nr_{EF_TRANSFER}= 15 2030 bytes p = 10, a = 5, nr_{EF_TRANSFER}= 20 2758 bytes   The maximum required area is expected to be approximately 10% greater than the minimum required area.   Next, the command of the chip card according to the present invention will be described in detail.   The READ RECORD instruction is used to read data from a linear elementary file. used. The card sends the contents of the record in response. EF is short fire File identifier (SFI).   The status code "9000" indicates that the instruction has been executed normally. Excluding that The code indicates that an error has occurred.   The UPDATE RECORD instruction writes data to a record in a linear elementary file (EF). Used to remember. Command message to EF, record and data Including references.   The response from the card contains the status code. Status code "9000" is life Indicates that the order was executed successfully. Any other code indicates an error.   The GET CHALLENGE command requests a random number from the card. EXTERNAL AUTHENTICA random number Used for dynamic authentication in TE instructions.   The reply message from the card contains an 8-byte random number and a status code. S The status code "9000" indicates that the instruction was executed normally. Other Indicates an error.   The EXTRERNAL AUTHENTICATE command allows authentication of the terminal to the card. This life The order is within the scope of the VAS application, the system operator and the VAS provider. Used for authentication. EXTERNAL AUTHENTICATE transfers the cipher to the card . This code is generated by the terminal device encoding the random number in advance. Must be there. The card uses this cipher as a reference value calculated by the same method. Compare with If they match, the card authenticates the access condition for this key. Is recorded internally. If they are different, the card has the status "Authentication Is returned, and the internal error counter is decremented. The counter value is zero , All subsequent executions of EXTERNAL AUTENTICATE will have the status "Authentication prohibited." Is rejected.   The response information from the card includes a status code. Instructions regarding the card and If the authentication at the terminal is successfully executed, it is indicated by status code "9000". Is done. Any other code indicates an error.   The INTERNAL AUTHENTICATE instruction is used to check the authenticity of the VAS container at the terminal. Used for For this purpose, the card encrypts the data using reference data from the terminal device. calculate. The terminal generates its own code and compares it with the value from the card. these If they match, the terminal device recognizes the authenticity of the VAS container.   The response from the card for the execution of the command is a code and the status for the execution of the command. Including code. Successful execution of the instruction is indicated by status code "9000". It is. Any other code indicates an error.   The VERIFY command is used to verify the cardholder's PIN. This instruction is encoded Send the PIN data that has not been sent to the card. The card is a reference that stores the PIN data Compare with value. If the input data and the stored value are equal, access condition "PI N "is considered satisfactory.   The response information from the card for executing the command includes a status code. Stator The code "9000" indicates that the instruction was executed normally. Other codes Show the error.   The TRANSFER instruction creates an entry in the transfer (storage) area. This instruction has three types Is defined.       1. EF_VAL for applications of class "ticket" or "point score" An entry is created in the transfer area by subtracting the value in the UE field.       2. Creating a receipt in an application of class "Credential Certificate" Creates an entry in the transfer area.       3. By creating a certificate in an application of class "certificate", Make an entry in the transfer area.   This mode is automatically selected by the card. That is, the selected app If the instruction is executed in the application DF, first check whether EF_VALUE exists. Is done. If there is EF_VALUE, the card executes the instruction in mode 1; The instruction is executed in mode 2. Application DF must be selected in VAS container If so, mode 3 is used.   The terminal device supplies the following data to the card when calling the TRANSFER command.       ・ Latest data       .For entries in the transfer field (area)         Expiration date       ID for the terminal device that generated the entry       .User data for transfer fields       ・ PIX of VAS application (mode 3 only)       ・ Numerical unit of subtraction subtraction (only mode 1)       ・ MAC, serial number and VAS container number related to the above data.   The card executes the following sequence when calling the TRANSFER command.       1. Search for a free entry in the transfer area. (Overwrite existing entry In some cases, the priority is listed in the following list in descending order. That is, "Moved Entry, retrieved entry and expiration date, expiration date Expiration ”.       2. A PIX is added to data from the mode 1 and mode 2 terminal devices.       3. A serial number is assigned to the data from step 2.       4. Attach the VAS container ID to the data from step 3.       5. KGK_DECUse PIX to encode PIX and KGK_{DEC, PIX}Generate       6. KGK_{DEC, PIX}Use to encode the terminal ID and use K_DEC Generate       7. Create a MAC using the data from step 4.       8. The MAC in step 7 is compared with the MAC from the terminal device. If they are different, The card discontinues this function and KGK_DECDecrement the error counter for.       9. Mode 1: Numeric field in the register where the application is loaded Check the field EF_VALUE. If the number in this field is not enough, the card Discontinues this function immediately. If sufficient, the numeric fee in the application Subtract this number from the field.       Ten. Create instruction information.       11． Increment EF_SEQ by one.   Therefore, it is not necessary to display the data set in the response. In addition, the number of records May be assumed to be known.   The TAKE instruction provides the following modes.       • Move the data, and at the same time record that the data has become invalid.       • Move the data, but do not record that the data has become invalid. data Is kept more effective.   The command message contains the terminal ID, the PIX of the application, and the randomness generated by the terminal device. Including fields with numbers.   The PIX in the instruction indicates the application that moved the data. This has been moved Data set may differ from the PIX. This PIX is the dealer terminal that moved the data K_DECUsed only for generating   The card response message is the record given in the transfer area command message. K about C_{SIG_VASC}C with₁, VAS container ID, C₁Transfer data using K of activated terminal device_DECC with_TwoAnd a random number from the instruction message. The response message further includes a status code. Key K_DECIs generated as above Is done. Cryptography and K_DECThe credibility is implicitly proved by the VAS container using You. A proof of authenticity and a proof of uniqueness are calculated by cipher C (C is a serial number, Formed from the moved bits of the record in the send field and the VAS container ID. Because it is). This proof can be verified by the system operator.   The status code "9000" indicates that the instruction has been executed normally. Excluding that The code indicates the case of an error.   Where SO is AID according to IS0 / IEC 7816-5_VASAnd request. See VAS RID 5 bytes long for system_VASAnd request.   AID of list DF_VAS_VASIs AID_VAS= RID_VASPIX_{DF_VAS}Let it be represented by   The command message includes, for example, expiration date, terminal ID, transaction data, Fields for operation mode (eg PIX in mode 3) and fields including encryption Consists of   The encryption is key K_DECIs calculated using In this case, the data used for MAC formation is , For example, transaction data and terminal ID.   The response message of the TRANSFER instruction contains an 8-byte data file during normal execution. Field and a 2-byte status code "9000". Other status A response message with a code is considered an error. Response message data Data field is error-free (that is, in particular, Is correct), K in the instruction message_DECIncludes ciphers encoded with. This As a result, implicit (K_AUTInstead of internal authentication by Proof of authenticity is made.   The TAKE instruction takes an object from the implementation class EF_TRANSFER. Used to launch. The execution of the TAKE instruction is technically the file EF_TRANSFER Is to read the record to be provided from. Where the record is the new entry Has enough storage for As long as the record (data set) is stored in the file, Only ". Technically, the TAKE instruction is used to retrieve the dataset Can be used, but according to the rules and regulations (R & R), Only VAS providers should use it.   The following items can be assumed for the data retrieval procedure. Get a certificate or receipt The VAS provider that wants to start searching for a suitable data set in the transfer area (for example, S Search using EEK instructions or by explicitly reading each record). In any case However, the data set is read and its contents are checked.   According to the rules and regulations (R & R), a 3-byte P IX_AIs given, so that the AID in the VAS container_A= RID_VAS PIX_AVAS app in Application can be uniquely identified. After selecting DF_VAS, VAS application A Select list <PIX_AYou can select with>.   UPDATE KEY (KID, K) indicates a command that depends on the card platform. this Allows a key to be replaced with a new value K using the key identifier ID.   The card holder of the dealer terminal device checks the implementation class DF_PT or Or DF_AD (application class "point memory", "ticket", "credential book" Or VAS application from "data memory or database") Before the VAS application becomes available, the VAS application Must be loaded into the VAS container at the service terminal device. In principle Means that the card issuer receiving instructions from the VAS provider and the SO At the time of installation, one or more VAS applications have already been It is also possible to load it into the box. This loading procedure is the same as the procedure described here. This is a special case.   VAS application load progress       1. The card holder inserts the VAS card into the service terminal device.       2. The service terminal checks whether there is a VAS container.             ・ SELECT FILE <AID_VAS> (Error when VAS container is not selectable Reported).             ・ READ RECORD <SFI, O of EF_ID> (display of VAS container number).             Optionally, you can check the validity of the VAS container. This For this purpose, the service terminal requests internal authentication of the VAS container.             ・ INTERNAL AUTHENTICATE <random number, K_AUTKID> service terminal returns Check answer and error   If (with error display), cancel the procedure. 3. The service terminal allows the cardholder to select a plurality of options. So One of them is "Loading VAS application". Card holders select. Then, in the service terminal device, all the VAS The application is displayed to the cardholder and awaits selection. Therefore, the operation “VA S application monitoring (browsing) "is started. Card holder is impressed Select VAS application A of the annotation class DF_pT or DF_AD. 4. The service terminal device operates the VAS content by selecting “VAS application”. Examine the PIX and select the PIX_AVAS application with load already loaded in card Determine if it is. If present, an error signal is displayed. If not , An object of the appropriate implementation class for A is used in the VAS container. The availability is checked. This uses available records in EF_DIR (eg It is executed by searching (for example, by SEEK instruction). If there are no available records, -A report is made. Available If there is a code, this record indicates that the VAS application has not been loaded X FID_{DF_X}including. 5. A to the next available object of the appropriate implementation class for V AS application A is loaded. For this purpose, the service terminal must first be turned off. Fline, two keys K from VAS provider (eg provider SAM)_LVASpAnd K_RVASP And assign those keys to the new VAS application.       ・ SELECT FILE <FID_{DF X}>       ・ GET CHALLENGE       ・ EXTERNAL AUTHENTICATE <K_SO(Random number), K_SOKID>       ・ UPDATE KEY <K_LVASP, K_LVASPKID>       ・ UPDATE KEY <K_RVASP, K_RVASPKID>       ・ GET CHALLENGE       ・ EXTERNAL AUTHENTICATE <K_LVASP(Random number), K_LVASPKID>       ・ UPDATE RECORD <EF_INFO SFI, data of DF_X>       ・ UPDATE RECORD <EF X INTERNAL SFI, data of DFX>       ・ Optional (initial signature): UPDATE RECORD                 <DF_X EF_VALUE SFI, data>     6. After the writing to the EF is completed normally, the service terminal device starts the operation “VAS Application <PIX_A, FID_{DF_X}> Input. This application is DF_X to PIX_AWith this, (SELECT FILE AID_VASAfter pre-selection by PIX)_A SELECT FILE becomes possible using.   This mechanism made available by the transfer area, for example, without an occupied DF structure Depending on the VAS provider who wants to run the intra service or inter service Can be used. In addition, the cardholder, especially before using the VAS application, It is not necessary to load this application on the service terminal for the first time. No. On the contrary, the cardholder can send the certificate or receipt directly to the dealer terminal. Can be issued and refunded at another terminal device (by removal operation), or , A certificate or receipt can simply be presented (by manipulating the reading). did Therefore, the log of the VAS application of the implementation class ET TRANSFER The code is executed by implicit input of VAS data, or such The operation is performed (input of VAS data). In this regard, the impression See the description of "Acquisition" in the mention class ET_TRANSFER.   The progress of the entry operation of the VAS application will be described below.   When a VAS application is loaded into a VAS container, the application Which DF_X (X = PT₁, .., PT_p, AD₁, ..., AD_a) Or true The terminal device does not know the physical location of whether it has been loaded. Made of card From the point of view of the manufacturer, there are two possible implementation methods that can be checked separately. Note that ZK Compliance with the A (Central Card Committee) standard must be specifically observed. Case 1: Access to EF_DIR is possible. The following conditions must be satisfied.       AID is assigned to the FID of DF_X (eg under DF_VAS) EF_DIR is on the card platform as standard. VAS application in DF_X above Application actually exists.       -This DF_X can be read by anyone (READ RECORD AC: ALW).       ・ PIX_AVAS application A with vacancy by system operator Is loaded into the active (unused) DF_X, When an entry is written to the temporary file DF_X (CREATE FILE ) Not!), File EF by UPDATE RECORD   _DIR is the entry PIX_AOnly expanded. UPDATE RECORD is FID_XRefer to DF_X using Because it is shining. Therefore, the AC of UPDATE RECORD is key K_SOBy outside Require authentication. • After DF_VAS has already been selected, the instruction SELECT FILE <PIX_A> Is transferred to the card , DF_X loaded with VAS application A should be directly selectable . VAS application A loaded in DF_X and subsequent elementary files Must be erased at the service terminal at the request of the cardholder , The corresponding file is not deleted by DELETE FILE, but the written data is downloaded. It is just overwritten with the me value. Then, PIX from EF_DIR_A(Strictly speaking, PIX_AWhen A pair of references to DF_X) (eg, key K_SOUPDATE RECORD after external authentication by ) Can be erased. -Since the number of DF_X is fixed, the number of records in EF_DIR can be known.     If these approaches can be realized, the following results will be obtained. ・ After selecting DF_VAS, SELECT FILE PIX_ATo quickly select a VAS application You can choose. Second case: EF_DIR cannot be accessed.   There is no EF_DIR available on the card platform, or as described above If neither read nor write access can be made to EF_DIR, then DF_VAS And the file EF_VASDIR must exist. EF_VASDIR contains system operations. (K_soUsing an explicit UPDATE RECORD instruction (after external authentication by And PIX_AFrom the VAS application that loaded the data to the physical storage area in DF_X Link is generated. Reading and erasing records from EF_VASDIR is as described above. It shall be possible.   The operation "entry of the VAS application" is performed as follows.   PIX_AVAS application A with FID in advance_{DF_X}Loaded into DF_X with . FID_{DF_X}Are recorded in the service terminal device.     1. SELECT FILE <AID_VAS> (Error reported when VAS container is not available Is).     2. GET CHALLENGE     3. EXTERNAL AUTHENTICATE <K_SO(Random number), K_SOKID>     4. UPDATE RECORD <SFI, FID of EF_DIR of DF_VAS_{DF_x}, PIX_A, FID_{DF_X}With number Record value>   VAS applications with implementation class DF PT or DF AD Service terminal equipment (under control of the system operator) at the request of the cardholder Can be erased only by VAS application of the implementation class EF_TRANSFER The solution can be deleted by anyone anywhere. In erasure, implementation Class DF_PT and DF AD VAS applications and implementations We must distinguish between the RAS TRANSFER VAS applications.   Erasure process of VAS application of the above implementation class DF_PT or DF_AD       1. The card holder inserts the VAS card into the service terminal device.       2. The service terminal checks whether there is a VAS container.       ・ SELECT_FILE <AID_VAS> (Error reported when VAS container is not available Is).       ・ READ REC0RD <EF_ID> (display of VAS container ID)       3. Service terminal allows cardholder to select multiple options ing. One of them is "delete VAS application". Card holder Chooses this. Then, all the implements loaded in the VAS container Te All VAS applications in the application class are displayed to the cardholder and selected. Wait for a choice. For this purpose, the operation "monitoring (viewing) of the VAS application" is started. It is. Card holder is AID_AWith the implementation class DF PT or DF_AD Select VAS application A. The object on which the VAS application was loaded The project is called DF_A. 4. After selecting DF_A, authentication of the service terminal device is performed.   ・ SELECT FILE <PIX_A>   ・ GET CHALLENGE   ・ EXTERNAL AUTHENTICATE     <K_SO(Random number), K_SOKID> 5. This will erase the contents of the file from DF_A (EF_KEY, EF_INTERNAL and EF K for _VALUE_LVASPThese are initiated by the system operator because Will be erased).   ・ UPDATE KEY <K_LVASPKID, “00 ... 00”>   ・ UPDATE KEY <K_RVASPKID, “00 ... 00”>   ・ GET CHALLENGE   ・ EXTERNAL AUTHENTICATE     <K_LVAS(Random number), K_LVASKID>   -UPDATE RECORD <SFI of EF_INFO of DF_A, "00.             ..00 ”>           -UPDATE RECORD <EF_INTERNAL SFI of DF_A, “00 ... 00”>           -UPDATE RECORD <SFI of EF_VALUE of DF_A, “00 ... 00”>       6. After the writing to EF is completed normally, the terminal device then reads VA from EF_DIR. S Clear application entries.           ・ SELECT FILE <AID_VAS> (Error is reported when VAS container cannot be selected.) Will be notified)           ・ UPDATE RECORD <SFI, FID of EF_DIR_ of DF_VAS_{DF_A}Record numerical values with , "00 ... 00", FID_{DF_A}>   PIX_AThe link to DF_A is released in this way, so PIX_AWith SELECT FILE Can no longer be performed.   Next, the implementation class EF_TRANSFER will be described.   VAS application of the implementation class EF TRANSFER is a card place At the request of the owner, the dealer terminal or service according to the rules and regulations (R & R) Erased by the service terminal (however, technically, either terminal is possible ). Deleting an object from EF_TRANSFER will delete the new object (eg (E.g. certificate or receipt) is empty in the transfer area to store This is especially necessary when there is no place to go. This erasure is always performed via the auxiliary instruction TAKE. It is done indirectly. This instruction marks the object as “moved”. It just works. Therefore, it can be overwritten by the following auxiliary instruction TRANSFER. is there. VAS application erase process       1. The card holder inserts the VAS card into the terminal device. This terminal is EF_TRAN The contents of SFER can be displayed (special operation of "monitoring (viewing) of VAS application") Case).       2. The terminal checks whether there is a VAS container.           ・ SELECT FILE <AID_VAS> (Error is reported when VAS container cannot be selected.) Will be notified)           ・ READ RECORD <SFI, 0 of EF_ID> (display of VAS container ID).       3. Service terminal allows cardholder to select multiple options ing. One of them is "delete VAS application". Card holder Chooses this. Then, at least, the implementation class EF_TRA All VAS applications in NSFER are displayed to the cardholder, waiting for a selection. This is realized as a special case of the operation "monitoring (viewing) of VAS applications" Is done. Card holder is a certificate Or an object of the implementation class EF_TRANSFER containing the receipt Select This object has a record number A. Card holder is optional Execute       4. The terminal marks the record with record number A as "retrieved". You. That is, the terminal device takes the A, the random number calculated by itself, the PIX and the terminal ID with the TAKE instruction. Transfer with.           ・ TAKE <A, random number, PIX, terminal ID>   The record marked "Retrieved" is now ready for a new certificate or receipt. Re-enabled for receipt.   Hereinafter, the progress of the VAS application selection will be described.   VAS application A of the implementation class DF PT or DF AD When loaded into the VAS container by the action "Load VAS application", This application can be selected in two steps by the terminal device. VAS Conte Na is selected first. Then PIX_AIs selected.       1. SELECT FILE <AID_VAS> (Error is reported when VAS container cannot be selected.) Will be notified)             Service terminal equipment must verify the authenticity of VAS containers Can be inspected. For this purpose, the service terminal requests internal authentication of the VAS container. You.       ・ READ REC0RD <EF_ID SFI, 0> (display of VAS container ID)       ・ INTERNAL AUTHENTICATE <random number, K_AUTKID>   The service terminal checks the response and if an error occurs (with an error indication) Cancel processing.       2. SELECT FILE <PIX_A> (VAS application A loaded in VAS container Otherwise, an error is reported).   Dealer terminal equipment (KGK_AUTCan not be used) the authenticity of VAS application A Inspection can be used to indirectly confirm the authenticity of the VAS container. The reason is that VAS app The application is responsible for checking the authenticity of the VAS container during the loading procedure. This is because it can be loaded only to the device. The credibility check of VAS application A is VAS container is key K for VAS application A_LVASPOr K_RVASPholding Can be attributed to testing at the dealer terminal device. This is like For example, the following inspection can be performed by a dealer terminal device.       ・ INTERNAL AUTHENTICATE             <Random number, K_RVASPOr K_LVASPKID>   To test whether VAS application A is loaded in the VAS container, Can be done by selecting . The error message in the SELECT FILE response message (display) indicates that the application It can be concluded that no A exists.   The selection of the VAS application of the implementation class EF TRANSFER Operation "monitoring (viewing) of VAS application" and storage of data in terminal device Is done implicitly. The terminal device displays the record number of each displayed object. Can be known from EF_TRANSFER, so by referring to the record number , Any object can be selected (for each record number) for subsequent processing.   Next, the progress of VAS application monitoring (browsing) will be described.   The operation "monitoring (viewing) of VAS applications" is an implementation RAS DF_PT, DF_AD All VAS applications of EF_TRANSFER to service terminal Display as a list. Implementation class EF for dealer terminals  Only VAS application of TRANSFER can be displayed. These applications This is because the option does not have access protection. Also, if the dealer terminal has read permission With (K_RVASPApplication) Implementation class DF PT and DF AD application Options can also be displayed as options.   Progress of the above VAS application 1. Cardholders use VAS cards (chip cards with valid VAS containers) Insert into device. 2. The service terminal checks whether there is a VAS container.     ・ SELECT FILE <AID_VAS> (Error is reported when VAS container is not available ).     ・ READ REC0RD <EF_ID SFI, 0> (Display of VAS container ID)   Optionally check the validity of the VAS container. For this, service terminals The device requires internal authentication of the VAS container.     ・ INTERNAL AUTHENTICATE <random number, K_AUTKID> service terminal checks response If an error occurs, stop the process (with an error display). 3. Service terminal allows cardholder to select multiple options . One of them is "monitoring (viewing) of VAS application". Card possession Chooses this. 4. The service terminal authenticates itself. ・ GET CHALLENGE ・ EXTERNAL AUTHENTICATE     <K_SO(Random number), K_SOKID> 5. Implementation classes DF PT and DF AD For each VAS application, depending on the contents of EF_DIR, Options are continuously selected and controlled. Key K_SOEF_INFO after external authentication by (Or part of it according to rules and regulations) and the contents of EF_VALUE are displayed. ・ I = 0, ... nr_DIRIf -1     ・ READ RECORD <EF_DIR SFI, i>           Response if no VAS application is loaded in the corresponding DF Message PIX_AIs displayed as "00..00". READ RECORD from EF_DIR Alternatively, you can use the SEEK instruction in some cases.     ・ PIX_AIs not "00..00"     -SELECTFILE <PIX. > ・ READ REC0RD <EF_INFO SFI, 0> -Display of response message (partial in some cases) ・ READ RECORD <SFI, 0 of EF_VALUE> ・ SELECT FILE <AID_VAS> 6. For VAS applications of the implementation class EF TRANSFER , The contents of EF_TRANSFER of each record (or one of EF_TRANSFER by rules and regulations) Part) is read. ・ SELECT FILE <AID_VAS> ・ I = 0, ... nr_{EF_TRANSFER}If -1       ・ READ RECORD <SFI, i of EF_TRANSFER>       (The response message contains the contents of the ith record of EF_TRANSFER)       • If the content is not zero, the content is interpreted (eg, Is expired) is displayed.   The dealer terminal has read permission (K_RVASPOwnership) The monitoring (browsing) of the application of the class DF_PT and DF_AD is as described above. There are different cases. Only used by system operators for external authentication K that can_SOInstead of key K_RVASPIs used. Dealer terminal device is K_AUTIn use If you want to check the authenticity of the VAS application even though you cannot The terminal device must be able to use (at least one) VAS application instead of internal authentication. Request authentication. This is the key K that the card corresponds to, as described above._RVASPMa Or K_LVASPDone by knowing.   For a VAS application of the implementation class EF_TRANSFER, As described above, the contents of EF_TRANSFER of each record (or EF_TRS ANSFER) are listed consecutively.   The operation "interpretation of the VAS application" is executed in the same way. For this, the terminal The device works for the cardholder "VAS application interpretation" can be selected. Operation "monitoring (viewing)" EF_INFO and EF_V that need to be interpreted by the VAS provider in addition to the data displayed in Data from ALUE (eg, externally encoded data) and EF_I From NTERNAL (eg Miles & More Data (like the number of files) can also be displayed. However, this is because the VAS Only VAS applications where Ida has made the appropriate key available (at my discretion) Is possible. In order to read the application EF INTERNAL (outside Key K)_LVASPis necessary. Elementary file EF INFO and EF VALUE And for externally encoded data in the transfer area EF_TRANSFER , Need the corresponding key of the VAS provider. The terminal program interprets the data The selected VAS application for which the application key for It can be easily determined using IX.   The operation "transfer of VAS application" is performed on the service Transfers all or selected VAS operations to the destination card It is to be. The condition at this time is that the VAS container of the transfer destination card is a VAS application. Application is not included, and after the transfer, all VAS applications The option is to be erased. In both conditions, the operation "Delete VAS application" Is continuously applied. In addition, the authenticity of both cards is checked. The destination card must have enough storage space. Transfer The work itself essentially extends the action "monitoring (viewing) of VAS applications" It is based on things and actions "Repeat application of VAS application loading" You. In the above monitoring (viewing) operation, data from EF_INTERNAL and key K_LVASPAnd K_RVASP Is further read.   Along with the VAS data, the VAS container ID is also transferred to the destination (target) card Therefore, the VAS application on the destination card is the same as on the source (source) card Can work like that. This is because the key generated by the VAS provider is Key, and those keys are copied without change This is because that. In addition, providers typically identify VAS cards by VAS container ID. And keep the accounting process in the background system as it is. Try to. It is important to note that the transfer of VAS container IDs must comply with this entire system. This is to delete only one number from the transfer source card in the system.   Elementary file EF_INTERNAL and key K_LVASPAnd K_RVASPSpecially read Service Terminal K_SOExternal authentication (operation "delete VAS application" and Same), then key K_LVASPOverwrite, then key K_LVASPNew certification by You can transfer (overwrite) data from EF_INTERNAL after going to.   In addition to the VAS application of the implementation classes DF PT and DF AD , The file EF_TRANSFER must also be transferred (overwritten). To do this, The work "Move (Removal)" is executed continuously, and the "Retrieve" Move objects that are not marked "released" or "expired". Sign the object's signature_{SIG_VASC}Inspect the object using the To the EF_TRANSFER of the host. However, these objects are not displayed on the destination card. Since the event is not marked as "removed", it remains valid.   Finally, the global data of the VAS container must be transferred. In particular, The sequence counter of the destination card must be set to the value of the source.   Next, the procedure for inputting VAS data will be described.   Depending on the type of VAS application, VAS data can be input at the dealer terminal device. Thus, three types of cases are possible.   First, in the case of the implementation classes DF_PT and DF_AD, Is explained.   The VAS provider provides VAS applications for the implementation classes DF_PT and DF_AD. Write data to the application. Input process of VAS data       1. The card holder inserts the VAS card into the dealer terminal device.       2. The dealer terminal checks whether there is a VAS container.       ・ SELECT FILE <AID_VAS> (Error reported when VAS container cannot be selected Is done).       ・ READ RECORD <SFI, 0 of EF_ID> (display of VAS container ID).       3. The authenticity of the VAS container is checked. The dealer terminal itself is the master Key KGK_AUTIf this is the case, this dealer terminal will use the internal authentication of the VAS container. Can request.       ・ INTERNAL AUTHENTICATE             <Random number, K_AUTKID>       (KGK_AUTDealer terminal device does not have VAS application A) The credibility of the VAS container can be checked indirectly via credibility. The reason is that VAS The application checks the authenticity of the VAS container during loading. Only low Because you can do it. The credibility check of VAS application A is performed by VAS container Key K for application A_LVASPAnd K_RVASPIs included in the dealer terminal device Attribute it to testing. This is a dealer terminal device. Can be done. ・ SELECT FILE <PIX_A> (VAS application A is not loaded in the VAS container If not, an error is reported.) ・ INTERNAL AUTHENTICATE       <Random number, K_RVASPOr K_LVASPKID>   The dealer terminal checks the response, and if an error occurs (error reported), processes it. Interrupt. 4. The dealer terminal selects VAS application A, authenticates itself, and executes the transaction. Describe the elementary file required to execute the operation. ・ SELECT FILE <PIX_A> (Skip if already executed in step 3) ・ GET CHALLENGE ・ EXTERNAL AUTHENTICATE       <K_LVASP(Random number), K_LVASPKID> ・ Option: UPDATE RECORD <SFI of EF INFO of DFX, data> ・ Option: UPDATE RECORD <SFI of EF INTERNAL of DFX, data>       ・ Option: UPDATE RECORD <SFI of EF VALUE of DFX, data>   Next, the “acquisition” in the case of the implementation class EF_TRANSFER is described. Will be explained.   In particular, VAS applications (applications) of the implementation class EF_TRANSFER Application class “certificate”), the VAS provider There is no need to reserve a dedicated file structure DF_X for the application. As a result, the car The owner of the VAS application must use the VAS application certificate before using the certificate. There is no need to go to the service terminal to load. Just the card holder Issues a certificate or receipt directly from the dealer terminal and sends it to another terminal. Refund (reimbursement) (with action "Removal") or issue a certificate or receipt Can simply be presented (by reading). Implementation of VAS data A VAS application of the application class EF TRANSFER is implicitly loaded. this For each application class, whether it is an individual object of the type record There is an implementation class EF TRANSFER consisting of: EF_TRANSFER d Entries are only possible with the TRANSFER instruction. For this, the dealer terminal equipment The location is a valid ejection key K_DECOwns the PIX of the VAS application A_ACan be used There must be. Input process of VAS data       1. The card holder inserts the VAS card into the dealer terminal device.       2. The dealer terminal checks whether there is a VAS container.       ・ SELECT FILE <AID_VAS> (Error reported when VAS container is not selectable Be done)       ・ READ RECORD <SFI, 0 of EF_ID> (Display of VAS container ID)       3. The dealer terminal reads the serial number. This number is It is assigned to MAC from step 4.       ・ READ RECORD <SFI, 0 of EF_SEQ> (display of serial number)       4. One record is written to EF_TRANSFER by the TRANSFER instruction.       ・ TRANSFER <Transaction data, expiration date, generated code, data, PIX_A, K_DECMAC with       5. The dealer terminal checks the response message of the TRANSFER command to determine the VA Check whether the S container is correct (ie, the common secret key K_DECDo you have A) can be inspected. In this regard, refer to the already explained response message of the TRANSFER command. I want to be illuminated.   Finally, the acquisition by canceling the VAS data will be described.   The VAS provider cancels (cancels) using the TRANSFER instruction. The right (certificate or receipt) can be created in the transfer area EF_TRANSFER. This proof The letter or receipt can be further used by other VAS providers. data EF VALU for VAS application A by VAS provider to perform cancellation Canceled from E or EF_INFO. The card holder must have an object in EF_TRANSFER. This right is obtained in the form of a project. Progress of VAS data entry (input)       1. The card holder inserts the VAS card into the dealer terminal device.       2. The dealer terminal checks whether there is a VAS container.       ・ SELECT FILE <AID_VAS> (Error reported when VAS container is not available Is).       READ RECORD <EF_ID SFI, 0> (display of VAS container ID).       3. The dealer terminal reads the serial number. This number is It is assigned to MAC from step 4.       ・ READ RECORD <EF_SEQ SFI, 0> (sequential number display).       4. The dealer terminal selects the VAS application A.       ・ SELECT FILE <PIX_A> (VAS application A loaded into VAS container If not, an error is reported.)       5. Dealer terminal cancels data from EF_VALUE or EF_INF0 Use TRANSFER to       ・ TRANSFER <data, K_DECMAC with         The structure of the TRANSFER command message has already been described. Terminal device is K_DECIn de If you can sign the data correctly, you have the right to cancel. This signature Is checked by the VAS container. If the check passes, the VAS container Therefore, one record is set in EF_TRANSFER, and the serial number is incremented. Is       6. The dealer terminal checks the response message of the TRANSFER command, , Whether the VAS container is correct (ie, the common secret key K_DECPossess Can be inspected).   Here, the procedure for canceling the VAS data will be described. Two types of cancellation procedures There is   First, the implementation classes DF_PT and DF_AD VAS data for a given VAS application is provided by the corresponding VAS provider. Canceled by the action "Cancel", that is, VAS data Can be canceled by acquiring the data. This consumes one value (value) Potential rights to other values.   In other procedures, VAS data is taken once from EF_TRANSFER by the TAKE auxiliary instruction It is possible to take out. In this case, the right is consumed and the data is Marked in the transfer field for further use (for example, Refunded tickets are still needed for return) You. This means that this data will be overwritten by other objects when needed. Will be kept until done. Progress of cancellation of VAS data by TAKE instruction       1. The card holder inserts the VAS card into the dealer terminal device.       2. The dealer terminal checks whether there is a VAS container.       ・ SELECT FILE <AID_VAS> (Error is reported if VAS container is not selectable Will be announced).       ・ READ RECORD <SFI, 0 of EF_ID> (display of VAS container ID).       3. First, the dealer terminal operates the VAS app. Objects that can be used using the special case of From EF_TRANSFER to determine if the object being sought was sought You. Alternatively, you can search for samples using the SEEK instruction. The above process If successful, the terminal recognizes the number i of the detected record.       4. The terminal device uses the TAKE instruction to generate the number i, the random number calculated by itself, Sends the PIX and ID of the user, and marks the record with record number i as "moved" I can.       ・ TAKE <i, random number, PIX, terminal ID>   The dealer terminal issues a TAKE instruction to read data from EF_TRANSFER. use. In this instruction, at the same time as the processing, the data is marked as “moved”. wear. By executing the TAKE instruction, two different ciphers C₁And C_TwoIs generated.   Cryptography C₁Is the key K_{SIG_VASC}Calculated by VAS container using. This , C₁The creator of this retrieved object, signed at Proof of uniqueness (of the process) and authenticity can be obtained from the data. transaction The uniqueness and authenticity of the object originated (checked by card (See TRANSFER)) VAS provider encryption and transaction The value of the sequence counter for the application Cryptography C₁It turns out from.   Cryptography C_TwoThe VAS container is KGK_DECK generated using, PIX and terminal ID_DEC Is calculated by the VAS container using Common secret key K_DECBecause I know The VAS container can directly prove the authenticity of the VAS container itself to the terminal device. Even in the TRANSFER order, only the correct certificate or receipt is in the correct VAS container. Since the memorization is checked in the same way, the Can conclude credibility. Cryptography C_TwoIs the serial number, extraction bit, and VAS container ID Since the VAS container is generated indirectly from the Uniqueness can also be proved to the terminal device.   "Eject" processing using the TAKE instruction is permitted by anyone.   Furthermore, in service terminal equipment, the implementation classes DF PT and D For reading FAD VAS application, password or PIN protection Can be activated or activated. The VAS container PIN is a car that knows the PIN. Can be changed by the_SOSystem authentication by external authentication using Can be restored by a perlator. PIN or password of any length Non-numeric signs or those Can be used.

[Procedure of Amendment] Article 184-8, Paragraph 1 of the Patent Act [Submission date] December 11, 1998 (1998.12.11) [Correction contents]                               The scope of the claims 1. In a chip card for executing a transaction, the transaction The value data representing monetary value units or other non-monetary rights is Transfer with at least one transaction partner (service provider) Sent to or presented to the service provider for verification of the rights, The chip card is used to store data necessary for executing the transaction. Memory device, wherein the chip card further comprises:   One or more cars, each assigned to a particular service provider Applications (VAS applications), each of which is the card holder Transaction between the service provider assigned to the application A method for loading an application that allows the application to run on the card. Steps and   Exchange or offer to execute transactions between different service providers A service to contain data representing the indicated monetary value unit or non-monetary right A transfer storage area (EF_TRANSFER) not occupied by the service provider,   The transfer storage in response to a write command (TRANSFER) Means for writing data to the area. 2. The loading means,   A data structure (DF_VAS, VAS container) stored inside said means, The data structure is   In which the transaction between the cardholder and the service provider is performed. A substructure (DF_) that can load the data (VAS data) needed to enable the row PT, DF_AD, VAS application)   The type of data stored in the partial structure (VAS application) and / or Or a definition data set containing information about the structure, Furthermore   Identify the data structure (VAS container) and / or the chip card An identifier (container ID) and the definition data set and / or the data structure (VAS container) at least one system to ensure that the integrity of the Temukey (K_SO2. The chip cap according to claim 1, further comprising: Mode. 3. The card is   Use at least one system key to store data required to execute a transaction. Means for loading said substructure using   Adapting the data of the definition data set to the data loaded in the substructure Means for writing data to the definition data set,   Additional substructures that can load the data needed to execute the transaction Means for generating in said storage of a card, and / or   Means for dynamically managing memory on the card,   Claims 1 or 2 comprising at least one of the following features: Is a chip card according to item 2. 4. Each of the partial structures (VAS application) has a specific service provider. A plurality of independent substructures assigned to   The definition data set has at least one system key (K_SOChanged by) Is protected from, and can be changed only by the synute key,   Loading of the data structure (VAS application) is performed in the definition data set Claims characterized by being able to be executed only using the included system key 4. The chip card according to any one of items 1 to 3. 5. The chip card according to any one of claims 1 to 4, wherein ,   The definition dataset further includes at least one of the following features:   For authentication of the authority of said chip card to a terminal device and / or At least one authentication key for authenticating the authority of the terminal device to the chip card (K_AUT),   At least one signature key for signing data retrieved from the transfer area; ー (K_{SIG_VASC}),   Write procedure and / or cancellation of value data in the transfer area (no Terminal or application-specific key to verify the Key (KGK)_DEC),   A PIN to verify the authorization of the cardholder for the transaction,   The system key (K_SO), The authentication key (K_AUT), The signature key (K_{SIG_VASC} ) And the key generation key (KGK)_DEC) Is specific to the card or has a data structure ( DF_VAS), and   The partial structure (VAS application) has at least one of the following features: thing;   At least one numeric storage (EF_VALUE) to hold value data,   At least one internal record for containing internal data related to said substructure Storage (EF_INTERNAL),   At least one information for accommodating non-internal data related to the partial structure Storage (EF_INFO), and   The numerical storage area and / or the internal storage area and / or the information storage area Confidentiality of write and / or read procedures to / from At least one key (K_LVASP, K_RVASPKey storage (EF) _KEY); The chip card further comprises:   The numerical storage area and / or the internal storage area and / or the information storage area Including means for writing to and / or reading from / to the load; The means for doing   Storing the key in the key storage under the protection of the at least one system key; Including means for writing. 6. The chip card according to any one of claims 1 to 5, Wherein the partial structure includes at least one of the following features:   Key (K) to verify that you have permission to write data in the substructure_{LVA SP} ),and   Key (K_{R VASP} ). 7. The key stored in the key storage area is Peculiar,   The at least one partial structure (VAS application) includes at least one The unique key (K_LVASP, K_RVASP) Protects the execution of the transaction by , The key is specific to each substructure (VAS application) and That each of the substructures (VAS application) is independent of the key The chip card according to any one of claims 1 to 6, characterized in that: 8. The card includes a plurality of the partial structures (VAS applications), Each of the substructures is a transaction between a particular service provider and the cardholder. Used to execute the transaction,   The transaction execution includes writing data to / from the transfer storage area and And / or reading and / or writing data to / from said numerical storage 7. The method according to claim 1, further comprising: The chip card according to any one of the above items. 9. Between individual substructures (VAS applications) and between substructures and service providers Further comprising means for executing a transaction with the binder. The chip card according to any one of claims 1 to 8, wherein Ten. The system key (K_SO) Is known only to the system operator (SO) With keys that are specific to the card and / or specific to the data structure (VAS container) Yes,   Other keys included in the definition dataset are card-specific and / or Is a key specific to a data structure (VAS container). 10. The chip card according to any one of items 1 to 9. 11． The chip card according to any one of claims 1 to 10, Wherein the definition dataset has one or more of the following features: Chip card:   An identification number (EF_ID) unique to the data structure,   A directory of a partial structure (EF_DIR) included in the data structure, In the partial structure (VAS application) loaded in the data structure (VAS container) A unique identification number and the substructure (VAS app) within the substructure (VAS container) Application) contains information about the physically stored part, and   Version number of the data structure (EF_VERSION). 12． Any one of claims 1 to 11 In the above chip card, the card has at least one of the following features:   Retrieving and / or canceling data from the transfer storage area Means for performing the TAKE procedure, and   Retrieving and / or canceling data from said transfer storage area; Means for generating one or more authenticity features for the data. 13. To generate authenticity features,   A signature key (K) for generating a digital signature for the retrieved data_{S IG_VASC} )When,   Of the transaction, which is also used to generate the digital signature. Means for generating a transaction number representing the characteristic. The chip card according to any one of claims 1 to 12, wherein: 14. The signing key (K_{SIG_VASC}) Is generated from a private key generation key Private key for the service provider to verify the signature. 14. A method according to claim 1, wherein a public key is used. The chip card according to claim 1. 15． The chip card according to any one of claims 1 to 14, The card has at least one of the following features:   The key generation key (KGK_DEC) Using a key specific to the terminal device and the substructure ( K_DECMeans for generating   Authorize transactions and / or use at least one of the following features: Means to verify protection,   A key (K_DEC),   At least one of the authentication keys (K_AUT),   At least one of the system keys (K_SO),   At least one of said substructure-specific keys (K_LVASP, K_RVASP),   The signing key (K_{SIG_VASC}),   Said PIN,   Said identifier of a substructure; and   The terminal identifier. 16． The chip card according to any one of claims 1 to 15, The card further has at least one of the following features:   Before starting the read or write procedure, use the authentication key to And / or means for authenticating the terminal device, and   Protected by digital signature and / or keying (encoding) A means for performing a read or write procedure. 17． The chip card according to any one of claims 1 to 16, The card further has at least one of the following features:   Means for activating and deactivating said PIN protection; and   Means for changing the PIN. 18． The data structure according to any one of claims 1 to 17, wherein Independent of the card platform, said card further   For transferring said data structure or a part of said data structure onto another card 18. A method according to any one of claims 1 to 17, characterized by including means. Chip card. 19. The service provider's unoccupied storage area, which is different from the service provider Write / read data to / from the area by different service Value data representing monetary value units and / or other non-monetary rights between A chip card including a storage area for transfer. 20. Use of the chip card according to any one of claims 1 to 19 Terminal device for the, the terminal device,   Identification of the data structure (VAS container) of the chip card, and Identifier to identify (container ID) and means for identifying   The terminal further has at least one of the following features:   At least one of the substructures and / or the definition data set and / or Or means for reading data from the transfer storage area of the card,   Means for writing data to a transfer storage area of the card, and   Data necessary for executing a transaction is stored in at least one partial structure of the card. The means to load into the structure (VAS application). twenty one. The terminal device according to claim 20, wherein the terminal device further comprises: Has at least one of the features:   For executing a transaction between the service terminal device and said cardholder Means for executing the transaction includes at least one of the following steps: ;   Writing data to the numeric storage area;   Writing data to the transfer storage area,   Retrieving and / or canceling data from the transfer storage ,   Reading data from the substructure; and   Reading data from the transfer storage area. twenty two. 22. The terminal device according to claim 20, wherein the terminal device further comprises: To   Authorize transactions and / or use at least one of the following features: Including means for verifying protection;   A key (KDEC) specific to said terminal device and substructure,   At least one authentication key specific to the card or specific to the data structure (DF_VAS) ー (K_AUT),   At least one system specific to the card or specific to the data structure (DF_VAS) Mukey (K_SO),   At least one substructure-specific key (K_LVASP, K_RVASP),   At least one signature specific to the card or specific to the data structure (DF_VAS) Key (K_{SIG_VASC}),   PIN specific to the card or specific to the data structure (DF_VAS),   An identifier unique to the substructured application; and   An identifier unique to the terminal device. twenty three. Means for writing data to the transfer storage area,   For proof of write permission, a key (K_DEC) Including means for generating (encoding) keys from data using You The terminal device according to any one of claims 20 to 22, wherein the terminal device comprises: twenty four. Data from the transfer storage area being retrieved and / or canceled Claims comprising means for performing a data retrieval procedure. 24. The terminal device according to any one of items 20 to 23. twenty five. The terminal device according to any one of claims 20 to 24, wherein The terminal further has at least one of the following features:   Means for characterizing the data in the transfer storage area as "retrieved"; And   Means for characterizing the data in the transfer storage area as "expired". 26. The terminal device according to any one of claims 20 to 25, wherein The means for executing a transaction further has at least one of the following features. One: Means for changing value data in the substructure; and   Different service providers at the expense of the cardholder and for the benefit of the cardholder A means for executing a transaction (interservice) between Ida. 27. Using at least one authentication key, the car The authority of the terminal device to the terminal and / or the card to the terminal device. Means for authenticating the authority of the   Means for protecting transactions by said cardholder using a PIN When,   A contract including means for activating and deactivating PIN protection. 27. The terminal device according to claim 20, wherein the terminal device is a terminal device. 28. The terminal device according to any one of claims 20 to 27, wherein The terminal further has at least one of the following features:   Means for transferring an identifier unique to a terminal device to the card,   Means for transferring an identifier unique to said partial structure to said card;   Keys specific to terminal devices and substructures and keys specific to the terminal devices and substructures Means for authenticating said authority using a unique identifier; and   Read protected with digital signature and / or key generation (encoding) Or a means for performing a write procedure. 29. The terminal device according to any one of claims 20 to 28, wherein The terminal further has at least one of the following features:   Means for selecting a substructure (VAS application),   Means for monitoring (viewing) a partial structure in the terminal device;   Means for monitoring (viewing) partial structure data in the terminal device;   Means for loading a partial structure (VAS application) on said card;   The identifier of the loaded partial structure (VAS application) is loaded into the card. Means to do   Means for erasing a partial structure from said card;   Means for replacing one substructure with another substructure;   Means for transferring one partial structure to another card, and   The substructure to the function of the substructure and the service provider associated with the substructure To read and monitor (browse) information stored in the partial structure. Means. 30. Card holder and at least one service using chip card and terminal A method for executing a transaction with a provider, the method comprising: The method involves one of the following steps:   Prepare the data structure stored on the chip card Step; The data structure includes a transaction between the chip card and a service provider. Assigned to the service provider to enable the execution of transactions Card application (VAS data) data is loaded,   Perform a transaction between the service provider and the cardholder Write data to / from the data structure (VAS application) or Reading step,   The service provider's non-dedicated transfer storage (ET_TRANSFER), which is different Money exchanged or presented between service providers when executing the transaction Provision for transfer storage to contain data representing a unit of value or non-financial rights Steps to do, and   Writing data to or reading data from the transfer storage area. 31. 31. The method according to claim 30, wherein the method further comprises the following steps: 20. A chip card according to claims 1 to 19 Steps to use   Using the terminal device according to claims 20 to 29, and   The numerical description of at least one of the partial structures (VAS application) Storage, internal storage or information Writing or reading data to / from the information storage area. 32. 32. The method according to claim 30 or claim 31, wherein the method further comprises: Including at least one of the following steps:   The terminal device and / or the chip car using at least one key Authenticating the authority of the   Digital signature and / or key generation (encryption) using at least one key Code) to protect the transaction. 33. In a method for loading data on a chip card using a terminal device The method further comprises at least one of the following steps:   Loading data into the partial structure of the card (VAS application) ,and   Writing data to the definition data set of the card; Including at least one of the following steps:   Using the chip card according to claims 1 to 19; and And   30. A step of using the terminal device according to claim 20. 34. The chip car according to any one of claims 1 to 19, Using a terminal device according to claims 20 to 29. Transaction execution method to be used.

────────────────────────────────────────────────── ─── Continuation of front page    (81) Designated countries EP (AT, BE, CH, DE, DK, ES, FI, FR, GB, GR, IE, IT, L U, MC, NL, PT, SE), OA (BF, BJ, CF) , CG, CI, CM, GA, GN, ML, MR, NE, SN, TD, TG), AP (GH, GM, KE, LS, M W, SD, SZ, UG, ZW), EA (AM, AZ, BY) , KG, KZ, MD, RU, TJ, TM), AL, AM , AT, AU, AZ, BA, BB, BG, BR, BY, CA, CH, CN, CU, CZ, DK, EE, ES, F I, GB, GE, GH, GW, HU, ID, IL, IS , JP, KE, KG, KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MD, MG, MK, M N, MW, MX, NO, NZ, PL, PT, RO, RU , SD, SE, SG, SI, SK, SL, TJ, TM, TR, TT, UA, UG, US, UZ, VN, YU, Z W (72) Inventor Heinz Michael             Germany Day 34277 Fulda             Bruck das Spenglerschhi             When 11 (72) Inventor Kissinger Stefan             Federal Republic of Germany Day-10823 Berlin             Baltic Burgstrasse 6 (72) Inventor Gorner Michael             Germany Day-81549 Mün             Hen Schwandfelstrasse 3 (72) Inventor Kuchelmeister Anton Yacht             Germany Day 80995 Mün             Hen Johann-Emmel-Strasse 5 (72) Inventor Schweier Andreas             Germany Day-32429 Minde             N Philosofen Beeg 4 (72) Inventor Brugger Adelheide             Germany Day 64625 Bencha             Im Gronawel Strasse 34             ー (72) Inventor Radnotti Michael             Germany Day-85417 Maltz             Ring Bahnhofstrasse 42

Claims (1)

[Claims] 1. In a chip card for executing a transaction, the transaction The value data representing monetary value units or other non-monetary rights is Transfer with at least one transaction partner (service provider) Sent to or presented to the service provider for verification of the rights, The chip card is a memory for storing data necessary for executing the transaction. Device, wherein the chip card comprises:   Each of which has a transaction between the cardholder and one or more service providers. One or more card applications (VAS applications) Application means for loading the application on a card. Card. 2. The loading means,   A data structure (DF_VAS, VAS container) stored inside said means, The data structure is   In which the transaction between the cardholder and the service provider is performed. A substructure (DF_) that can load the data (VAS data) needed to enable the row PT, DF_AD, VAS application)   Stored in the substructure (VAS application) Definition data set containing information on the type and / or structure of the data Wherein said definition dataset further comprises:   Identify the data structure (VAS container) and / or the chip card An identifier (container ID) and the definition data set and / or the data structure (VAS container) at least one system to ensure that the integrity of the Temukey (K_SO2. The chip cap according to claim 1, further comprising: Mode. 3. 3. The chip card according to claim 1 or 2, wherein Mode further   Data exchanged or presented in the execution of a transaction that is financially Transfer storage (EF_T) to hold data representing value units or non-monetary rights RANSFER)   To write data to the transfer storage area in response to a write command (Transfer) A chip card comprising: 4. The card is   Use at least one system key to store data required to execute a transaction. Means for loading said substructure using   The definition data is added to the data loaded in the substructure. Write data to the definition data set to adapt the data in the tuset Means,   Additional substructures that can load the data needed to execute the transaction Means for generating in said storage of a card, and / or   Means for dynamically managing memory on the card,   Claims 1 to 3 including at least one of the following features: 4. The chip card according to claim 1. 5. Each of the partial structures (VAS application) has a specific service provider. A plurality of independent substructures assigned to   The definition data set has at least one system key (K_SOChanged by) Protected from being changed only by the system key,   Loading of the data structure (VAS application) is performed in the definition data set Claims characterized by being able to be executed only using the included system key 5. The chip card according to any one of items 1 to 4. 6. The chip card according to any one of claims 1 to 5, ,   The definition dataset further includes the following features: Including one:   For authentication of the authority of said chip card to a terminal device and / or At least one authentication key for authenticating the authority of the terminal device to the chip card (K_AUT),   At least one signature key for signing data retrieved from the transfer area; ー (K_SIG-VASC),   Write procedure and / or cancellation of value data in the transfer area (no Terminal or application-specific key to verify the Key (KGK)_DEC),   A PIN to verify the authorization of the cardholder for the transaction,   The system key (K_SO), The authentication key (K_AUT), The signature key (K_SIG-VASC ) And the key generation key (KGK)_DEC) Is specific to the card or has a data structure ( DF_VAS), and   The partial structure (VAS application) has at least one of the following features: thing;   At least one numeric storage (EF_VALUE) to hold value data,   At least one internal record for containing internal data related to said substructure Storage (EF_INTERNAL),   To contain non-internal data related to the substructure At least one information storage area (EF_INFO), and   The numerical storage area and / or the internal storage area and / or the information storage area Confidentiality of write and / or read procedures to / from At least one key (K_LVASP, K_RVASPKey storage (EF) _KEY); The chip card further comprises:   The numerical storage area and / or the internal storage area and / or the information storage area Including means for writing to and / or reading from / to the load; The means for doing   Storing the key in the key storage under the protection of the at least one system key; Including means for writing. 7. The chip card according to any one of claims 1 to 6, wherein Wherein the partial structure includes at least one of the following features:   Key (K) to verify that you have permission to write data in the substructure_{LVA SP} ),and   Key (K_{R VASP} ). 8. The key stored in the key storage is specific to each substructure;   The at least one partial structure (VAS application) includes at least one The unique key (K_LVASP, K_RVASP) Protects the execution of the transaction by , The key is specific to each substructure (VAS application) and That each of the substructures (VAS application) is independent of the key The chip card according to any one of claims 1 to 7, characterized in that: 9. The card includes a plurality of the partial structures (VAS applications), Each of the substructures is a transaction between a particular service provider and the cardholder. Used to execute the transaction,   The transaction execution includes writing data to / from the transfer storage area and And / or reading and / or writing data to / from said numerical storage 9. The method according to claim 1, further comprising: The chip card according to any one of the above items. Ten. Between individual substructures (VAS applications) and between substructures and service providers Further comprising means for executing a transaction with the binder. The chip card according to any one of claims 1 to 9, wherein 11． The system key (K_SO) Is the system operator ( SO), known only to the card and specific to the card and / or the data structure (VAS Key),   Other keys included in the definition dataset are card-specific and / or Is a key specific to a data structure (VAS container). 11. The chip card according to any one of items 1 to 10. 12． The chip card according to any one of claims 1 to 11, Wherein the definition dataset has one or more of the following features: Chip card:   An identification number (EF_ID) unique to the data structure,   A directory of a partial structure (EF_DIR) included in the data structure, In the partial structure (VAS application) loaded in the data structure (VAS container) A unique identification number and the substructure (VAS app) within the substructure (VAS container) Application) contains information about the physically stored part, and   Version number of the data structure (EF_VERSION). 13. The chip card according to any one of claims 1 to 12, The card has the following features Having at least one of:   Retrieving and / or canceling data from the transfer storage area Means for performing the TAKE procedure, and   Retrieving and / or canceling data from said transfer storage area; Means for generating one or more authenticity features for the data. 14. To generate authenticity features,   A signature key (K) for generating a digital signature for the retrieved data_{S IG} __VASC)When,   Of the transaction, which is also used to generate the digital signature. Means for generating a transaction number representing the characteristic. 14. The chip card according to any one of claims 1 to 13, wherein: 15． The signing key (K_SIG__VASC) Is generated from a private key generation key Private key for the service provider to verify the signature. 15. A method according to claim 1, wherein a public key is used. The chip card according to claim 1. 16． The chip card according to any one of claims 1 to 15, The card has at least one of the following features:   The key generation key (KGK_DEC) Using terminal equipment and And keys specific to substructures (K_DECMeans for generating   Authorize transactions and / or use at least one of the following features: Means for verifying protection;   A key (K_DEC),   At least one of the authentication keys (K_AUT),   At least one of the system keys (K_SO),   At least one of said substructure-specific keys (K_LVASP, K_RVASP),   The signing key (K_SIG__VASC),   Said PIN,   Said identifier of a substructure; and   The terminal identifier. 17． The chip card according to any one of claims 1 to 16, The card further has at least one of the following features:   Before starting the read or write procedure, use the authentication key to And / or means for authenticating the terminal device, and   Protected by digital signature and / or keying (encoding) A means for performing a read or write procedure. 18． The chip card according to any one of claims 1 to 17, The card further has at least one of the following features:   Means for activating and deactivating said PIN protection; and   Means for changing the PIN. 19. The data structure according to any one of claims 1 to 18, wherein the data structure Independent of the card platform, the card further comprises:   For transferring said data structure or a part of said data structure onto another card The method according to any one of claims 1 to 18, characterized by including means. Chip card. 20. Value data representing monetary value units and / or other non-monetary rights Or data into / from storage area for transfer between different service providers Chip card including a storage area for reading or writing data . twenty one. Use of the chip card according to any one of claims 1 to 20 Terminal device for the, the terminal device,   Identification of the data structure (VAS container) of the chip card, and Including means for identifying the identifier (container ID) to be identified,   The terminal further has at least one of the following features:   At least one of the substructures and / or the definition data set and / or Or means for reading data from the transfer storage area of the card,   Means for writing data to a transfer storage area of the card, and   Data necessary for executing a transaction is stored in at least one partial structure of the card. The means to load into the structure (VAS application). twenty two. 22. The terminal device according to claim 21, wherein the terminal device further comprises: Has at least one of the features:   For executing a transaction between the service terminal device and said cardholder Means for executing the transaction includes at least one of the following steps: ;   Writing data to the numeric storage area;   Writing data to the transfer storage area,   Retrieving and / or canceling data from the transfer storage ,   Reading data from the substructure; and   Reading data from the transfer storage area. twenty three. 23. The terminal device according to claim 21 or claim 22, further comprising: To   Authorize transactions and / or use at least one of the following features: Including means for verifying protection;   A key (K_DEC),   At least one authentication key specific to the card or specific to the data structure (DF_VAS) ー (K_AUT),   At least one system specific to the card or specific to the data structure (DF_VAS) Key (K_SO),   At least one substructure-specific key (K_LVASP, K_RVASP),   At least one signature specific to the card or specific to the data structure (DF_VAS) Key (K_SIG__VASC),   PIN specific to the card or specific to the data structure (DF_VAS),   An identifier unique to the substructure application; and   An identifier unique to the terminal device. twenty four. Means for writing data to the transfer storage area,   For proof of write permission, a key (K_DEC) Use key data from data Claim 21 comprising means for encoding (encoding) 24. The terminal device according to claim 23. twenty five. Data from the transfer storage area being retrieved and / or canceled Claims comprising means for performing a data retrieval procedure. 25. The terminal device according to any one of items 21 to 24. 26. The terminal device according to any one of claims 21 to 25, wherein The terminal further has at least one of the following features:   Means for characterizing the data in the transfer storage area as "retrieved"; And   Means for characterizing the data in the transfer storage area as "expired". 27. The terminal device according to any one of claims 21 to 26, wherein The means for executing a transaction further has at least one of the following features. One:   Means for changing value data in the substructure; and   Different service providers at the expense of the cardholder and for the benefit of the cardholder A means for executing a transaction (interservice) between Ida. 28. Using at least one authentication key, the terminal device Authority and / or to authenticate the authority of the card to the terminal device Means,   Means for protecting transactions by said cardholder using a PIN When,   A contract including means for activating and deactivating PIN protection. 28. The terminal device according to any one of paragraphs 21 to 27. 29. The terminal device according to any one of claims 21 to 28, wherein The terminal further has at least one of the following features:   Means for transferring an identifier unique to a terminal device to the card,   Means for transferring an identifier unique to said partial structure to said card;   Keys specific to terminal devices and substructures and keys specific to the terminal devices and substructures Means for authenticating said authority using a unique identifier; and   Read protected with digital signature and / or key generation (encoding) Or a means for performing a write procedure. 30. The terminal device according to any one of claims 21 to 29, wherein The terminal device further includes: Has at least one of the features:   Means for selecting a substructure (VAS application),   Means for monitoring (viewing) a partial structure in the terminal device;   Means for monitoring (viewing) partial structure data in the terminal device;   Means for loading a partial structure (VAS application) on said card;   The identifier of the loaded partial structure (VAS application) is loaded into the card. Means to do   Means for erasing a partial structure from said card;   Means for replacing one substructure with another substructure;   Means for transferring one partial structure to another card, and   The substructure to the function of the substructure and the service provider associated with the substructure To read and monitor (browse) information stored in the partial structure. Means. 31. Card holder and at least one service using chip card and terminal A method for performing a transaction with a provider, the method comprising: The method involves one of the following steps:   Providing a data structure stored on the chip card; Can execute transactions between the chip card and the service provider To and from the data structure (VAS application) Data (VAS data) required to write or read data is loaded. The   Transfer storage area (ET_TRANSFER), which is exchanged or Is used to contain data representing the monetary unit of value or non-monetary rights presented. , And transfer storage for writing or reading data to / from the transfer storage area Preparing the area. 32. 32. The method according to claim 31, wherein the method further comprises the following steps: Including at least one of the following: a chip card according to claims 1 to 20; Steps to use,   Using the terminal device according to claims 21 to 30, and   The numerical description of at least one of the partial structures (VAS application) Write / read data to / from storage, internal storage or information storage Tep. 33. 33. The method according to claim 31 or claim 32, wherein the method further comprises: At least of the steps below Including one:   The terminal device and / or the chip car using at least one key Authenticating the authority of the   Digital signature and / or key generation (encryption) using at least one key Code) to secure the transaction. 34. In a method for loading data on a chip card using a terminal device The method further comprises at least one of the following steps:   Loading data into the partial structure of the card (VAS application) ,and   Writing data to the definition data set of the card. 35. 35. The data loading method according to claim 34, wherein the method further comprises: Including at least one of the following steps:   Using the chip card according to claims 1 to 20; and And   31. A step of using the terminal device according to claims 21 to 30. 36. The chip card according to claim 1 to claim 20, and the claim card according to claim 21. 31. A transaction execution method characterized by the terminal device according to item 30. .